Administration of Sensors – new features with packetalarm NG
All adjustments for scans of network packets and for the detection of attacks will be done at the new packetalarm NG Manager via a web based user interface. Beside the comprehensive configuration and auto-report functions, an easy-to-handle, automatic and user-friendly update procedure is provided to the administrator.
The integrated update mechanism allows among other things -an automatic installation of multiple updates, or to carry out an update on a single sensor systems in a multi-sensor environment.
Software distribution of data too is uncomplicated with the packetalarm NG Manager. The data available on the manager can be installed and distributed to specific sensors after the selection of the version. Parallel execution of updates reduces maintenance time.
For the administration of many sensors, similar signatures and rules can be merged into templates. Distribution of these templates of IDS/IPS-rules can then be transferred to the specific sensor.
Central Management with Sensor/Manager Operation
Distributed enterprise networks, countrywide authorities or government networks are the most common targets of cyber attacks. Such networks demand an operation mode with many sensors for attack detection and prevention.
The packetalarm NG-Systems can therefore operate without problems in a distributed system with an extended number of sensors. All sensors distributed over the whole infrastructure can be configured, administrated and monitored with a central manager. The sensors can thereby communicate not only local, but rather in branch offices via the Internet or VPN with the central manager.
The communication of the packetalarm-systems among each other is always encrypted with TLS. For the communication with external systems encrypted protocols such as HTTPS, SMTP via TLS, SNMP v3 and SCP are available.