Idappcom’s Distributed Rules Manager (DRM) is a rules management platform that streamlines and automates rule management across large deployments of SNORT™ Intrusion Detection or Prevention Systems (IDS/IPS).
Idappcom and Endace solutions combine for scalable threat detection, accelerated response to security events and reduced threat exposure.
Hosting Idappcom Open Security on EndaceProbes
Idappcom-managed SNORT deployments can be hosted on EndaceProbes in Application Dock. Every packet captured and recorded by the EndaceProbe can also be streamed to these Idappcom-managed SNORT instances in real-time.
Idappcom DRM can manage multiple SNORT instances simultaneously enabling SNORT to be deployed and managed network-wide, wherever EndaceProbes are deployed.
Integrating Idappcom DRM with Network History
Pivot-To-Vision lets security analysts pivot from DRM threat alerts directly to EndaceVision™, the EndaceProbe’s built-in investigation tool, to analyze the related, packet-level Network History.
Being able to get directly to the related packets lets security analysts quickly and conclusively establish the root cause of issues and respond appropriately, dramatically reducing the time to investigate and resolve critical incidents.
Idappcom and EndaceProbe
The integration between Idappcom DRM and EndaceProbe is built into DRM. The Idappcom-enabled SNORT VM image is available from Idappcom.
For more information about deploying Idappcom-managed SNORT on EndaceProbes and integrating with Idappcom DRM, log into our:
How about a Demo?
Interested in finding out how you can combine accurate, network-wide packet capture and recording with a multi-instance SNORT IDS deployment using Idappcom DRS?