On 02/14/2011 11:27 PM, Kristian Erik Hermansen wrote:
> On Mon, Feb 14, 2011 at 8:53 PM,  <benjamin.har...@gmail.com> wrote:
>> I want to be able to monitor my clients IDS system or install Snort on their
>> side and monitor remotely.
>>
>> I also want the ability to keep an eye on their firewall and also manage
>> remotely. Same for VPN's.
>>
>> I'm currently looking at Ichinga. Any advice would be helpfull.
> 
> Check out OSSIM.
> http://www.alienvault.com/community.php?section=Home

That's a good tool. Takes up a fair amount of RAM, but does a
substantial number of functions. It's a true "single pane of glass
solution". I deployed it and played with it for a while. However I
wanted to use different pieces of software than what they included, as I
had familiarity with them, but more importantly had invested in setting
up those individual pieces of software already. If it was a brand new
deployment, I would deploy OSSIM every time. It has
inventory/monitoring/security etc. I might still deploy OSSIM for the
incredibly powerful event correlation capabilities. I don't see myself
converting over wholesale though.

So what do I use for my security/monitoring needs?
This is all for my personal systems (which I use heavily in my
consulting practice). Essentially I'm a small data center (48U worth of
gear in my garage).

I am currently utilizing
* opsview (availability monitoring/reporting/trending/analysis) (have
the agent deployed on my bare metal systems and all virtual machines).
* ossec (hids)
* 8pussy.org (splunk replacement)
* pfsense for firewall (inbound/outbound filtering) router (bgp/ospf) ids
(snort).
* I also have netdash/netdisco/network authority inventory (network
monitoring and config management)
* Proxmox for virtualization.



-- 
Charles N Wyble (char...@knownelement.com)
Systems craftsman for the stars
http://www.knownelement.com
Mobile: 626 539 4344
Office: 310 929 8793
_______________________________________________
LinuxUsers mailing list
LinuxUsers@socallinux.org
http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers
