THE SENSOR MANAGER APPLICATION

The Sensor Manager Application will install onto any currently supported Microsoft Windows Operating System and is used to centrally manage multiple open-source Zeek, Snort, Suricata and Wireshark sensors  deployed on your network.

The Application is used for configuring security policies that need to be applied to remote sensors, for receiving logs and alerts from remote sensors and for analysing the network traffic, in an intuitive and easy to use web portal environment.

INCLUDED IN A SUBSCRIPTION PURCHASE

• Sensor Manager Application for Microsoft Windows (licenced per host pc).
• ASP.NET Web User Portal Application ready to host on a Microsoft IIS Server.
  
• Splunk Application for Viewing, Correlating and Threat Hunting Sniffa, Snort and Suricata Alerts with Zeek Metadata logs in Splunk Enterprise or Cloud.
• Activation Key to unlock the software for the duration of your subscription period and limited to the number of Sensors chosen at your purchasing options.
• Build Scripts for Sniffa NSS Sensors (compatible for certain versions of Ubuntu and CentOS platforms). Provided with your Activation Key.
• Entitlement to Application Upgrades if they are made available during your subscription period.
• Email support for the duration of your subscription period.

SUBSCRIPTION OPTIONS

Subscription prices are listed as per sensor and each licence allows you to install the Sensor Manager Application on a single host PC.

SOFTWARE INTEGRATIONS

The Sniffa Sensor Manager Application and Sniffa Sensors can integrate with the following vendor software solutions.

Further information about the Sniffa Splunk Application can be found on Splunkbase.

SENSOR HARDWARE

Do you need hardware appliances to build Sniffa Sensors onto?

We can provide sensor appliances that are pre-built, pre-loaded and pre-configured to operate with our Sniffa Sensor Management Applications.

The Sniffa S2 Open-Sensors are built with an unmodified version of the Ubuntu Server Operating System (latest 21.10) and include the best-of-breed open-source Threat Detection software pre-installed and ready to go.

The term 'Open-Sensor' means exactly what it says on the tin.

You are able to install supplementary software alongside the pre-installed Threat Detection software that you might consider appropriate in your environments.

As well as reducing your overall operating expenditure (OPEX), having an Open-Sensor approach, means our sensors will easily fit into any software upgrade or vulnerability patching lifecycles you already run within your network environments. What's more, you own the tin, so Open-Sensors can be re-formatted after your subscription expires and you can re-deploy to other projects as you require.

You maintain control of your security systems and you keep control of your networks.

NEED TO MONITOR A LARGER NETWORK?

If you have bigger bandwidth requirements of networks links up to 100GBits/s, we recommend deploying our sensors on one of our partner's Packet Broker Appliances and managing them centrally, using our Sensor Manager Application located in the cloud or on premises.

The Cubro Omnia Packet Brokers will not only get the maximum performance from the open-soure threat detection tools, but our Sniffa Sensor Manager application is able to correlate logs and alerts directly with packet captures and logs stored on the Cubro Omnia appliance, which will greatly accelerate your threat hunting capability.