Introduction

The team at Intersect Alliance have developed auditing and intrusion detection solutions on a wide range of platforms,systems and network devices including Windows, Linux, Solaris, Apple Mac OSX, Cisco ASA/PIX firewalls, Cisco routers and switches, Checkpoint, PaloAlto, IIS, Apache, Exchange, MVS (ACF2/RACF), and many more. We have in-depth experience within National Security and Defence Agencies, Financial Service firms, Public Sector Departments and Service Providers. This background gives us a unique insight into how to effectively deploy host and network intrusion detection and security validation systems that support and enhance an organisation's business goals and security risk profile.

Native intrusion detection and logging subsystems are often a blunt instrument at best, and when your security team strives to meet departmental, organisational, industry or even national security logging requirements, a massive volume of data can be generated. Only some of this data is useful in evaluating your current security stance. Intersect Alliance has written software 'agents' for a wide range of systems that are capable of enhancing the native auditing and logging capabilities to provide advanced log filtering, fast remote delivery using secure channels, remote control of agents from a central collection server, and a consistent web based user interface across heterogeneous environments.

Through hard-won experience collecting log data in enterprises worldwide, Snare's capabilities have evolved over many years to provide an unmatched cohesive approach to event log management in a trusted package, that is promoted as an industry standard solution for log collection and distribution by a wide range of event management applications (SIEMs, SEMs, SIMs and LMs) and Service providers (MSSPs). The agents have an enterprise-level feature set, yet are designed to be light on disk space, memory and CPU to ensure that your servers can meet security requirements without compromising their ability to stick to core business.

The development of Snare for MSSQL allows events generated by Microsoft SQL Server to be collected and forwarded to a remote audit collection facility. Snare Enterprise Agent for MSSQL will also allow a security administrator to fully remote control and monitor the application through a standard web browser.  Other Snare agents are also available for Windows (2003/XP*/Vista/2008/Windows7/Windows8/10/2012(R2)/2016/2019), Linux, Solaris, Epilog and many more. *Last supported release for XP is v5.1). The agents are capable of sending data to a wide variety of target collection systems, including our very own Snare Server (see Snare Server for further details).   A feature of the Snare Server is the Agent Management Console that provides the ability to audit and manage the configuration of the Snare Agents within your environment, further discussed in Snare Agent Management Console.

Welcome to 'Snare' - System iNtrusion Analysis & Reporting Environment.