The snort management system enables engineers to efficiently manage and deploy small and/or large production snort environments.
Snort Management System: Managing Multiple Snort Instances on Many Systems
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
The Snort management system enables engineers to efficiently manage and deploy small and/or large production snort environments. This system employs the open-source WebJob framework and several other open-source technologies including: Oinkmaster, Rsync, Ssnort, and SSH. The system is designed to minimize the workload involved in managing the snort rules and related snort configuration files, while maintaining a high degree of security and robustness. A secondary goal of this system is to advance the open-source methodology for managing a large number of snort instances in an enterprise environment. This article describes how the system functions, and it further discusses the advantages and disadvantages of the solution.