/
Overview of Sections

Overview of Sections

Owned by maria ieropoulos
Last updated: Aug 22, 2019 by Leigh Purdie (Unlicensed)

Snare Central provides a dynamic, application-style point-and-click user interface, directly from your web browser. Each of the four section buttons displayed in the top-right corner of your browser (Agent Management, Reports, Status, System) corresponds to a range of capabilities, as discussed below.

Agent Management 

This section allows you to manage the configuration of Snare Agents that report to Snare Central.

In the Agent Management section, you will find functions to:

  • Retrieve system data, such as Users and Groups, from the Snare Agents reporting to Snare Central.
  • View and manage configuration on your agents provides a remote management interface .
  • Connect to the Snare Agent Manager (SAM) to manage and license your agents.


More details on the objectives available in the Agent Management of this document.                                                                                                                  


 

Reports 

Additional objectives can be:

  • Created by Snare Central users, either from scratch, or by cloning and modifying an existing objective.
  • Downloaded from the InterSect Alliance web site.


By default, the reports area will contain objectives relating to:
Active Scanning

  • Example: Scan the local network, and conduct a network vulnerability analysis on hosts that are found.
  • Example: Connect to the organisational border router and download the current configuration settings. Compare these settings to an authorised baseline configuration, and highlight any changes that have been made.


Application Audit

  • Example: Display a list of inappropriate material that has been accessed through the organisational proxy server.
  • Example: List users who have utilised the UNIX 'SUDO' command.


Network

  • Example: Display a geographic map of IP addresses that have been denied access by the organisational Checkpoint Firewall.
  • Example: Report on the top ten hosts that have initiated a port scan against the organisation, as reported by the gateway network intrusion detection system.


Operating Systems

  • Example: Generate a real-time alert when a user outside an authorised list, attempts to access a sensitive file on a Windows file server.
  • Example: Send a daily email to security administrators, if the list of users in the Domain Administrators group changes.


Snare Central

  • Example: Display a report that shows users who have modified the configuration of any Snare Central objectives.


User and Group Snapshots

  • Example: Based on the information provided by the Snare Agent for Solaris, produce a report showing any unauthorised members of the 'sensitivedata' UNIX group.

Status

This section allows you to access information relating to the status of the Snare Central server, including:

  • A simple overview of the systems that have sent event data to Snare Central over the course of a configurable number of days.
  • General statistics on the type, distribution and volume of log data that currently resides on Snare Central.
  • An overview of the data that is currently coming into Snare Central, in order to determine whether a newly installed agent is reporting to the server.             
  • General system information, relating to the hardware on which Snare Central resides.
  • Potential problems that Snare Central has detected, and wishes to inform you of.


More details on the objectives available in "Status" are available further down in this document.             

System

This section allows you to access functions that manage and maintain Snare Central and its users., and also manage the configuration of Snare Agents that report to the Snare Central server.

In the Administrative Tools section, you will find functions to:

  • Manage the anti-virus installation, including the capability to update to the latest signatures.
  • Modify settings via the Configuration Wizard.
  • Modify system configuration settings such as IP address, DNS servers, and time zones.
  • Display log files that may help the Snare Central support team to provide you with assistance.
  • Update Snare Central with new software, patch existing applications, or install new objectives.
  • Manage users, and internal Snare Central settings.


Data Backup and Restoration allows you to archive Snare Central log data and objectives to optical media, or synchronise the data store to externally attached USB drives.
Data Management Tools includes the Disk Manager, making it easier for customers to manage their storage resources.


More details on the objectives available in the System section of this document.


 




Related content

Navigating the Snare Server User Interface
Navigating the Snare Server User Interface
Snare Central v7 Documentation
Read with this
Overview of Sections v8.0.0
Overview of Sections v8.0.0
Snare Central v8 Documentation
More like this
Objectives - An Overview
Objectives - An Overview
Snare Central v7 Documentation
Read with this
Snare Agents v8.0.0
Snare Agents v8.0.0
Snare Central v8 Documentation
More like this
Snare Agents
Snare Agents
Snare Central v7 Documentation
More like this
Overview
Overview
Snare Agent Manager Documentation
More like this