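Snare is a collection of software tools for collecting audit log data from a variety of operating systems and applications to facilitate centralized log analysis, and it pairs with any SIEM or Security Analytics platform. Enterprise Agents are available for Linux, OSX, Windows, Solaris, Microsoft SQL Server, a variety of browsers, and more. Snare helps companies around the world improve their log collection, management and analysis with dependable tools that save time, save money and reduce risk.
Snare is currently used by thousands of individuals and organizations worldwide to meet local and federal information security guidelines associated with auditing and event log collection.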
Snare Central
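Snare Central is the only solution that gives you complete control over your logs: it lets you collect any log from anywhere while managing which data goes where and to how many places. Snare Central handles archiving logs, remotely managing agents, and routing logs to multiple destinations, including MSSPs, SOCs, other third-party solutions and Snare applications.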
Supporting your security and compliance needs
Our enterprise-level yet flexible log management solution, Snare Central helps organizations crush their security goals.
- Over 600 out-of-the-box and customizable reports
- Collect any logs from anywhere
- Filter out event and log noise
- Customize what data goes where
- Ingest syslog feeds from any device
- Over 100 log adapters to parse common syslog data
- SNMP trap alerts from network devices
- Batch bulk uploads of archived data
Snare Agents
Snare Enterprise Agents are quick to deploy and easy to upgrade, and are the de facto log collector for any reliable log management solution.
THE LOG COLLECTION FOR LOGGING GURUS
Log collection is the bedrock of a strong SIEM solution, and the Snare Agents are the global standard for feature-rich, reliable, lightweight log collectors. We have been the go-to log collection solution for over a decade and the preferred log management solution of third-party SIEMs when their own log collectors don’t cut it.
For MSSQL databases, Snare has a dedicated MSSQL Agent that tracks sensitive data access and all SQL user activity, masks sensitive data, and provides a critical separation of duties between DBAs / administrators and security teams through activity monitoring.
We have the global standard for feature-rich, reliable, lightweight log collectors. Rock solid log collection is both a compliance and security imperative. When companies across the world want the best, they choose Snare.
► Lightweight – Under 5% of CPU and 20 megs of memory
► Compliance – Gather data needed for PCI DSS, SOX, GDPR, HIPAA, NISPOM, PIPEDA and more.
► Formats & Protocols – A wide variety of formats and protocols support your needs no matter your ecosystem
► Operating Systems – We have Agents for Windows, Linux, OSX, MSSQL and Solaris
Key Snare Agent Benefits
Remote Management
The Agent Management Console enables bulk agent management. Administrators can remotely monitor changes to an Agent’s configuration and, through our binary distribution functionality, update agents across the organization from a central location.
Integrate with any SIEM
Popular with consultants, MSSPs and in-house security professionals, Snare works in conjunction with nearly every brand of SIEM and Security Analytics software on the planet. You can even link up different SIEMs through Snare.
File Integrity Monitoring
Detect changes in files and directories or even monitor your registries with RIM, Registry Integrity Monitoring. FIM and FAM (File Activity Monitoring) are critical parts of any centralized logging solution.
Snare Central
Centralized Log & Agent Management
Centralize log collection and management across various protocols and formats in one easy to manage solution. Our solution offers cost effective forensic and long-term storage, centralized agent management and you can upgrade all your agents from one location. Snare Central’s real-time monitoring will help your company quickly and efficiently improve your security posture and support your compliance requirements.
Secure, Reliable and Compliance Ready
Get the data you need for compliance regulations like HIPAA with over 200 out-of-the-box and customizable reports including reports specifically for PCI, SOX, and NISPOM. Coupled with Snare Agents you’ll get point-to-point encryption (using TLS) of log data. Use TCP to verify log delivery or use UDP if your organization prefers.
Reduce SIEM & Security Analytics Costs
Our platform agnostic applications help you integrate solutions from multiple vendors and manage even the most complex log collection and management environments with powerful components, like Central’s Reflector.
Features
Snare Repository
Real-Time Monitoring & Intelligent Alerting
Get a look at your log data in real-time within Snare Repository and build custom alerts to go off when metrics, like failed sign ons, reach defined thresholds.
300+ Out-of-the-Box and Customizable Reports
Snare Repository’s out-of-the-box reports include compliance reports for standards like PCI, HIPAA, NISPOM and SOX, so you are ready to go after deployment. You can also customize those reports or create your own to meet your business’ specific objectives.
Cost Effective Long-Term and Forensic Storage
Snare Repository empowers you to store your logs for forensics and / or long-term storage in a cost-effective manner so you are not driving up SIEM and Security Analytics costs with superfluous data that will only bog down your MTTD and MTTR.
Snare Reflector
Complex enterprise architectures, especially multi-vendor solutions, can become overly cumbersome, but Snare Reflectors help you direct log collection traffic efficiently and with minimal overhead in both time and hardware.
Forward Logs to Countless Destinations
Determine which kinds of logs go where (SOCs, MSSPs, SIEMs) and in what format. Logs can go not only to multiple destinations but to multiple SIEMs from multiple vendors, integrating your security solutions across disparate systems. The Reflector can also reflect logs in the format in which they were received, for example the format the original system or Snare agent sent them in.
Parse and Truncate Logs Based on Destination
The Reflector can filter out logs you don’t need, reducing SIEM costs, and cache logs when network flow is interrupted, allowing you to send critical or different sets of logs to each destination. The Reflector also has some smart syslog formats for sending to QRadar and RSA Envision. For a thorough list of supported formats please reach out!
Mask Sensitive Data
The Reflector can be configured to mask sensitive data within the logs such as private patient data or credit card information or any other data as required by various compliance standards.
Agent Management Tools
Manage, monitor and update your Snare Agents from a central place. Snare’s agent management tools make your life easier without sacrificing log collection coverage.
Centralized Log Collection Management
You can manage your SNARE Agents remotely through the SNARE Agent Management Console (AMC), which is a workbench interface.
The AMC lets you automatically audit Agent configuration and alerts you if there are any discrepancies in your Agents. This helps you understand whether the configurations of any Agents have been unexpectedly modified.
You can also use the AMC to create management objectives for your environment, including:
- managing compatible SNARE Agents even if they don’t report to the SNARE Server
- automatically identifying SNARE Agents that report to the SNARE Server and treating them as a reporting Agent
- adding non-reporting SNARE Agents
- specifying the type of Agent to be managed, ensuring configuration integrity
- pulling the current configuration from any compatible SNARE Agents in the environment
- pulling the current configuration of the Master Agent to compare against the managed list of Agent configurations
- pushing a master configuration out to each of the Agents to standardize and revert unauthorized configurations automatically.