Can somebody here give me a brief understanding about SNARE – System iNtrusion Analysis and Reporting Environment?
I wanted to know its latest features, advantages and limitations.
Thank you.
The SNARE System is a Security Information Event Management tool which is comprised of two components – SNARE agents and the SNARE Server.
The snare system is developed by Intersect Alliance, is one of the comprehensive tools, providing and collecting real time data, monitoring console, data filtering and event aggregation at the source through the use of the SNARE agents. Various Operating systems such as Linux, Lotus, AIX, ISA, Windows on which currently agents are available.
Snare agent pushes data quickly to center server for reporting and analysis purpose. its server can a be Syslog server. It is also called custom application.
The term “SNARE” or “Snare” stands for “System iNtrusion Analysis and Reporting Environment”. It is a set of software tools that collect audit log data from different applications and operating systems to aid centralized log analysis. Snare is currently being used by hundreds of thousands of organizations and individuals worldwide to meet local and federal information security guidelines related to auditing and event log collection.
The Snare agents have been designed to gather audit log data from host system and push the data as quickly as possible to central server for analysis, reporting, and archive. It also has been described as the “De Facto standard for Windows event retrieval”.
