[346] in Intrusion Detection Systems
Product: Intruder Alert (ITA)
daemon@ATHENA.MIT.EDU (Jim Truitt)
Sun Sep 17 16:08:44 1995
Date: Fri, 15 Sep 1995 17:01:06 -0400
To: ids@uow.edu.au
From: jtruitt@clark.net (Jim Truitt)
Reply-To: ids@uow.edu.au

Intruder Alert (ITA)

OmniGuard/ITA is a real-time, security-event monitor that enables
security managers to detect suspicious activities and prevent
security breaches before they occur. OmniGuard/ITA monitors multiple
streams of security audit trail information across the
network, analyzes this data in real-time based on site-specified
rules, and responds automatically to critical events. If
OmniGuard/ITA's expert system detects a significant security threat,
it can notify the security administrator by flashing a
message on the management console, sending an e-mail, or beeping a
pager. OmniGuard/ITA can also take direct measures
such as disabling the offending user ID, creating an audit trail of
the user's actions, or even shutting down the system.

If someone does manage to penetrate your network, or if an
authorized user takes unwanted actions, OmniGuard/ITA's
extensive audit trail analysis capabilities can tell you when a
security event is perpetrated by the intruder. OmniGuard/ITA's
network-wide audit trail analysis and summarization can pinpoint the
source of security violations or intrusions and help you
assess any damage that might have been done.

OmniGuard/ITA allows security managers to be more proactive with
systems security. It adds an extra measure of safety
against external hackers or internal users intent on accessing
unauthorized information. And if all measures fail, it can provide
you with an accurate damage assessment or even evidence of wrongdoing.