Winter 2007 Joint Techs

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Best Practices in Security Monitoring - Using Snort/Sguil on 10 Gigabit Networks

Time 02/14/07 08:50AM-09:10AM

This livestream has concluded. The archive video will be posted here. Archives can take up to two weeks to be posted.

Session Abstract

Sguil, an open source security analyst console (http://sguil.sourceforge.net/), has been said by some to be the best tool for network security monitoring. In this talk, we will show how Sguil integrates Snort, Tcpdump, Ethereal, and MySQL to makes alert monitoring, handling, and investigating easier. Further, we will show how this easy-to-use GUI can be implemented on the Force10 P-Series 10 Gigabit IDS/IPS/firewall.

Speakers

Speaker Livio Ricciulli Force10 Networks, Inc.

Presentation Media