Hello Everyone, I am pleased to announce the release of version 4.1 of DeepSight Extractor, and the update of the DeepSight Analyzer web-site. This release of DeepSight Extractor adds support for Norton Personal Firewall 2003, Norton Internet Security 2003 and Internet Security Systems SiteProtector 2.0. Users of these products can download the new DeepSight Extractor software, and benefit from the free DeepSight Analyzer service. In addition to the new DeepSight Extractor release, the DeepSight Analyzer site has been updated to reflect the acquisition of SecurityFocus by Symantec last year. The latest version of DeepSight Extractor can be obtained from: http://analyzer.securityfocus.com/download.asp Norton Internet Security, and Norton Personal Firewall users can obtain the latest version of DeepSight Extractor from: http://analyzer.securityfocus.com/downloadnis.asp DeepSight Extractor 4.1 now supports the following Intrusion Detection and Firewall systems: BlackIce 2.0-3.x Cisco IOS 12.x Cisco PIX 4.2-5.1 Cisco Secure IDS 2.5-3.0 Enterasys Dragon 4.2.2 Check Point Firewall-1 Next Generation, NG IP Chains ipmon (IPF) NetProwler 3.5x NetScreen 200, 100, 50, 25, 5XP Norton Internet Security 2003 Norton Personal Firewall 2003 RealSecure 3.1-5.5, 6.00-7.0 SiteProtector (ISS) 2.0 Snort 1.6-1.9.x,2.x Snort Portscan 1.6-1.9.x,2.x Snort Scan Log 1.9-2.x ZoneAlarm 2.6.0-3.7 DeepSight Analyzer is a free web-based event management console providing correlation and reporting on events being observed by your security devices. You can register for DeepSight Analyzer at: http://analyzer.securityfocus.com By joining the DeepSight Analyzer program at Symantec, you receive a number of benefits. DeepSight Analyzer gives you the following functionality, at absolutely no charge to you: 1. Automated Daily Summary Reports Each day, at the time that you choose, you will receive a summary report via email. This report summarizes all activity that your sensors have observed over the previous 24 hour period. This report includes the top events that you have seen, the top ports that you have seen activity on, the top IP addresses from which this activity has originated, and the countries from which the events originated. 2. Online Event Viewing You will receive access to the web-based DeepSight Analyzer online console. Through this console you can view a history, for previous 30 days, of all events that your systems have submitted. In addition to viewing events, DeepSight Analyzer will allow you to draft a notification message, to be sent to the owner of a network from which you have been attacked. This message will contain a detailed list of all events observed from the originating network. 3. Online Report Generation Through the DeepSight Analyzer online console you can generate reports, summarizing event activity over a period of time. You can report on the top events that are being observed on your network, determine which country, ISP, and IP addresses are attacking you, and summarize activity for a particular attacker. Feel free to contact me directly or email analyzerat_private, if you have any questions or need assistance in getting up and running, Oliver Friedrichs Sr. Manager - DeepSight (650) 381-8045 ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 07 2003 - 23:01:20 PDT