360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
NetXMS is a network monitoring and management system with a modular architecture. It can be used for monitoring an entire IT infrastructure, starting with SNMP-capable hardware (like switches and routers) and ending with applications on servers. The system has a three-tier architecture; the information is collected by monitoring agents (either its own agents or SNMP agents) and delivered to the monitoring server for processing and storing, where it can be accessed by using the management console. It features centralized configuration and centralized agent upgrades.
jWatchdog delivers a simple watchdog to actively monitor your infrastructure and send you notifications in case something goes wrong. It is configured using a simple XML configuration file. This configuration file can be changed on-the-fly without a need to restart the watchdog. jWatchdog does not offer data collection itself. It assumes that you already collected the data on which you want to run jWatchdog. The de facto standard tool Collectd is recommended for data collection. jWatchdog assumes that you use the RRDTool collectd output plugin to store the collected data in RRD files, or use Graphite as a datasource.
Jmx4Perl provides an alternate way of accessing Java JEE Server management interfaces that are based on JMX (Java Management Extensions). It is an agent-based approach where a small Web application deployed on the application server provides HTTP/JSON-based access to JMX MBeans registered within the application server. It is set up from a handful of Perl modules, which can be integrated seamlessly in your own programs. It also includes a Nagios plugin, check_jmx4perl, a jmx4perl command line tool for remote JMX queries and operations, and a readline-based JMX shell j4psh, with context sensitive command completion and syntax highlighting.
Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
LogAnalyzer is a Web front-end for syslog and other network event data. It provides easy browsing, searching, basic analysis, and some graphics. Data is taken from databases or plain syslog text files, so LogAnalyzer does not require changes to an existing logging infrastructure. Depending on the log data present, it can process syslog messages, Windows event log entries, and some more exotic things. Its troubleshooting support enables users to quickly find solutions to problems seen in the log data. LogAnalyzer was previously called phpLogCon, and has been renamed since v3.