Easy Rules Manager

Our custom tool to help you manage rules from multiple sources

Defence in Depth is still the most effective way to ensure that valuable corporate data is protected from the most sophisticated Cyber Attacks. Having multiple Firewall and Sensor deployments at strategic points around the IT network, will deter even the most determined Cyber Criminals from trying to gain entry.

The downside of using the Defence in Depth methodology is the cost of this equipment can be high and the management of Rules on the Sensors is near impossible. Many enterprise networks have turned to the very powerful Open Source Sensor, SNORT® to help reduce deployment costs.

 

Subscribing to Rules Feeds from companies such as IDappcom's own dedicated rules feed, will ensure that these Sensors are protecting enterprise Servers against the very latest exploits. There will also be a need to compliment those feeds with custom rules that are specific to the networks on which they are deployed, but the cost saving can be huge.

 

Managing rules from many sources and getting the right rules to the right Sensors on the network is paramount to making this deployment scenario successful. Any changes or updates to rules, have to be deployed to each Sensor quickly and in parallel to be valuable to a Defence in Depth plan.

 

Until now there has been no single tool that has been effective in being able to centrally manage sets of rules and keep all Sensors updated simultaneously.

 

IDappcom realised this dilemma and started to develop a tool, with the hope of producing a cost effective application that would solve this problem for the users of Snort® in multi Sensor environments.

The Easy Rules Manager (Snort) is available with the following functions:

  • Microsoft Windows Application (GUI).

  • Centralised Management of Snort Rules for Multiple User Access.

  • LocalDB Database Connectivity for simplified rollouts.

  • Dashboard View for Statistical Database Overview.

  • Rules Library.

  • Manual or Scheduled Rules Download & Importing.

  • Import Rules from Multiple Sources.

  • Oinkcode Compatible Rules Downloads.

  • User Defined Rules Import Options.

  • Custom Rules Creation.

  • Rules Editing & Cloning.

  • Rules Sorting & Filtering.

  • Policy Manager.

  • Custom & Automatic Policy Creation.

  • Sensor Manager.

  • Manual or Scheduled Rules Deployment to Multiple Remote IDS/IPS Sensors (by Site).

  • User Defined Rules Deployment Options.

  • Consolidate Orphaned Flowbits Rules.

  • Secure Shell (SSH) Communication to Remote IDS/IPS Sensors.

  • Local IDS Sensor.

  • Local Rules Testing & Tuning.

  • SysLog Server.

  • Alert to Rule Correlation.

  • Alert to 'WhoIs' Lookup.

  • Alert to Wireshark Filter Option.

  • User Audit & Logging.

  • Report Viewer.

To compare features on our different Rules Manager Tools click here for a simple guide