Data Center uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. We also use real-time alerting, with alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
There are three primary uses:
1) Straight packet sniffing like tcpdump
2) Packet logging (useful for network traffic debugging, etc.)
3) Full implementation for real-time network intrusion prevention.
|Bandwidth Mbs||Price per Month|