Snare Server

Owned by Mirza Baig (Unlicensed)
Last updated: Sept 14, 2018
2 min read

The Snare Server is a log collection, analysis, reporting, forensics, and storage appliance that helps you meet departmental, organisational, industry, and national security requirements and regulations relating to log and event data. It integrates closely with the Snare agents to provide a cohesive, end-to-end solution for your log-related security requirements.

The Snare Server collects events and logs from a variety of operating systems, applications and appliances including, but not limited to: Windows workstations and servers, Linux, Solaris, AIX, OSX, ACF2, RACF, CISCO Routers, CISCO PIX Firewall, CyberGuard Firewall, Checkpoint Firewall1, Gauntlet Firewall, Netgear Firewall, IPTables Firewall, Microsoft ISA Server, Microsoft IIS Server, Lotus Notes, Microsoft Proxy Server, Apache, Squid, Snort Network Intrusion Detection Sensors, IBM SOCKS Server, and Generic Syslog Data of any variety.

 

 

 

 

 

 

 

 

 

 

 

Some of the key features of the Snare Server include:

  • Ability to collect arbitrary log data, either via UDP or TCP
  • Secure, encrypted channel for log data using TLS/SSL
  • Proven technology that works seamlessly with the Snare agents
  • Snare reflector technology that allows collected events to be sent in real time to a standby/backup Snare Server, or to a third party collection system
  • Ability to continuously collect and store a large numbers of events. Snare Server collection rates exceed 30,000 events per second using low-end server hardware, or nearly one trillion events per year.
  • Ability to drill down from top level reports. This reduces the amount of data "clutter" and allows a system administrator to fine tune the reporting objectives.
  • Ability to 'clone' existing objectives in order to significantly tailor the reporting criteria. These reports, along with all Snare Server objectives, may be scheduled and emailed to designated staff.
  • A query-builder interface gives you the power to create specifically tailored reports, with search criteria that meet your security requirements, and output formats that suit the needs of your data owners.
  • Very simple download and installation
  • Flexibility when dealing with unique customer requirements
  • A strategic focus on low end hardware means that Snare can achieve outstanding results with minimal hardware cost outlay
  • Snare gives you useful data, out of the box, with default objectives tuned for common organisational needs
  • Ability to manage Enterprise Agents
  • Both major and minor Snare Server versions and upgrades are included as part of an annual maintenance fee.


The Snare Server is an appliance solution that comes packaged with a hardened, minimal version of the Linux operating system to provide baseline computing functionality, which means you do not need to purchase additional operating system licenses, database licenses, or install additional applications in order to get up and running.

For further information on the Snare Server refer to the Snare Server User Guide on the Intersect Alliance website.