/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsThough a firewall is a must both for your network and desktop PCs, it is sometimes not enough. You also need some sort of IDS (Intrusion Detection System) that will hunt for security breach on your network when it occurs, and inform you well on time. nPatrol gives such protection to your
network.
Developed by nSecure Software, Bangalore, its base pack consists of a management server and an internal agent. The server lets you define the services and policies for the different parts and users of your network. It also has the alert console, reports and query managers. The internal agents are placed on all your network segments. There’s also an additional external agent, which sits between your firewall and external router to capture even those events that get blocked by the firewall. Then there’s the anomaly agent that detects anomalous activities on your network. The nPatrol engine and all agents run on dedicated Linux machines and need PIII/866 MHz machines with 128 MB RAM.
Once you configure nPatrol, assign policies and rights, and designate activities to different people, anything happening outside of this will be considered anomalous and you’ll be alerted of it. So if anyone on your network indulges in activities he has no rights for, or tries to initiate services, nPatrol will detect it and let you know. You can set various threshold levels to prevent
misuse.
nPatrol also has signature-based analysis and has implemented over 825 signatures which are CVE (Common Vulnerabilities and Exposures) compatible. CVE is an organization that aims to standardize the names for all publicly known vulnerabilities and security exposures, thus enabling data sharing across vulnerability databases and security tools. You can also assign user-defined signatures. nPatrol allows dynamic updates of rules and signatures–the updates from the management server are made on all the agents.
nPatrol also detects anomalies based on the usage statistics of the network bandwidth. This is done by the anomaly agent, which goes through a learning period to understand the pattern of usage. It can relearn and apply the changes.
As for response, you can choose to have the intrusion logged or terminated. If you have a decoy server running, nPatrol can manage it for you. You also query the events logged and get reports as you specify–as consolidated ones, or as bar or pie charts.
The indicative price is Rs 325,000 for the base pack. Each additional agent costs Rs 200,000.
Contact: nSecure Software. Tel: 80-5211545. Fax: 080-5211551.
90, 1st A Cross, 5th Main, Domlur II Stage, Indiranagar, Bangalore 560071.
E-mail: info@nsecure.net
Suma EP in Bangalore