Snare (software)
Snare is a group of open-source agents, and a commercial server, used to collect audit log data from a variety of operating systems and applications to facilitate centralised log analysis. Agents are available for Linux, Windows, Solaris, IIS, Lotus Notes, Irix, AIX, ISA and more.
Snare is currently used by hundreds of thousands of individuals and organisations worldwide.

History

The Snare series of agents began life in 2001 when the team at InterSect Alliance created a Linux kernel module to implement Trusted Computer System Evaluation Criteria auditing at the C2 level.

Agents for Windows and Solaris soon followed, and additional operating systems and applications were added to the mix over time.

The Snare Server software was originally designed to meet the needs of Australian-based intelligence agency clients, and distribution was restricted to Australia only. The need for a server solution to complement the increasingly popular Snare agents pushed the InterSect Alliance team to find overseas partners and allow international distribution.

Distribution

Snare has been described as the 'De Facto standard for Windows event retrieval', and because of its deep roots in the open source movement, coupled with available commercial support options, it is used by organisations ranging from small non-profits to huge multinational Fortune 500 companies.

Organisations that produce audit server software that competes with the Snare Server software, such as Cisco, Sensage, and LogLogic, all use and recommend the Snare agents to their customers.

Design

The Snare agents have been designed to collect audit log data from a host system and push the data as quickly as possible to a central server (or servers) for archive, analysis, and reporting.

The central server can be a syslog server, a Snare Server appliance, or a custom application. Snare agents are also able to push logs over a unidirectional network in order to facilitate log transfer from networks of low classification to networks of higher classification.

The Snare Server is an appliance, or software-only solution, that provides a variety of analysis tools to facilitate the collection, analysis, reporting, and archival of audit log data.

External links

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 