Endace Security Manager (ESM)
Formerly known as Applied Watch, Endace Security Manager (ESM) provides an easy-to-use, powerful, management suite for deploying and managing open-source security engines such as SNORT and Suricata across single or multi-instance IDS probe deployments.
ESM is used to manage Intrusion Detection System deployments from a single probe to multi-instance deployments consisting of hundreds of sensors and is the essential management tool for SNORT® and Suricata users today.
ESM consists of three components: the ESM Server, ESM Agent and ESM Client Dashboard.
- The Dashboard provides a rich graphical console for viewing and actioning alerts, and managing the rules and configurations on your Probes
- The Server collects alerts and provides a central repository for configuration, rules and alerts
- The Agent runs on each Probe and is responsible for applying rules and config changes to the SNORT engine running on each Probe
Learn more about deploying scalable Intrusion Detection Systems and how Endace Security Manager fits in to your overall security architecture.
Monitoring your IDS sensor network
ESM provides centralised monitoring of your IDS probes. With ESM you can monitor the heartbeat of all of your sensors from a central location – bringing the power to see all to your entire sensor network
Event Management
View events in real-time across your entire sensor network. Drill down into the event detail allowing fast accurate decision-making. Couple this with Endace's sophisticated Network Analytics tools or leverage open-source tools such as Wireshark.
Manage Rules
ESM provides a simple, centralised management console for managing and deploying rulesets from a range of different sources.
Our customers typically use ESM to deploy and manage a blend of rule sources, including Open Source (Emerging Threats), Commercial (VRT) and your own custom rules.
