• Network World Publication
• Network World Blogs
• Industry Watch
• Hands On
• Ask Us
• Downloads
• Terms of Use

Email Network World Canada Blogs.

Categories

• Network Analysis
• Network Design
• Network Management
• Network Security

Archives

• August 2008
• July 2008
• May 2008

Highest Rated Posts

• Scrutinizer NetFlow Analyzer (Plixer International) (10 out of 10)
• NetBrute Scanner Suite (Raw Logic Software) (10 out of 10)
• Paessler PRTG Traffic Grapher (9 out of 10)
• Angry IP Scanner (9 out of 10)

Recently Updated Blogs

• Cool Tools
• CIO Canada
• Ahead of the curve
• Shane Schick's Computerworld
• Security Insider
• Industry Watch
• Blogging Idol
• Enterprise Insights
• Hands On
• IT World Canada Research
• Digital copyright reform in Canada
• Career Corner
• TechBuzz
• Varbose
• Shark Tales
• Save Microsoft Windows XP Canada
• Downloads
• The "15 cent cash grab" controversy
• Candid CIO
• Network World Ask Us
• IT World Canada Blogs
• Net Hope
• Frankly Speaking

Login

• Log in

Net/FSE (Packet Analytics)

The FSE in Net/FSE stands for “Forensic Search Engine.” This browser-based tool is aimed at network security analysts to allow them to sort through network data in the event of a security alert from intrusion prevention and detection systems, firewalls, etc. Packet Analytics says this helps analysts determine what hosts are associated with the alert, when the activity started and whether it’s ongoing, where the activity started from and how many hosts are involved.

Net/FSE does this by acting as a NetFlow collector and syslog server, so if you’re primarily a Cisco shop, you’re good. According to the company, custom agents can be designed if Netflow’s no use to you. Two presumptions here, since the company hasn’t returned calls asking the questions: We’re presuming the custom agents aren’t free, and that agents for Juniper’s jFlow and Huawei’s NetStream would likely be in stock. Hopefully, CEO Andy Alsop will have set us straight before we have to publish this. (Or, if not, I’m sure he will shortly after.)

Net/FSE was built in Mac OS X and runs on OS X and most distributions of Linux. Check for compatibility here.

And Net/FSE is free … sort of. The free licence captures up to one million events per day and offers free e-mail support. Beyond that, annual licences and support range from $1,495 plus $299 (up to three million events per day) to $18,950 plus $3,790 for up to 50 million events per day.

Remember to rate this if you use it, and use the e-mail link to suggest other handy downloads.

UPDATE: Andy Alsop of Packet Analytics has this to say about agents for Net/FSE:

Net/FSE does not natively handle jFlow or Netstream but custom handlers can be developed.  We are working with customers to develop the library of log handlers and the types of log handlers in Net/FSE is all based on the customers needs and infrastructure.  In your post about Net/FSE, yes the custom handlers aren’t free but if they have broad market applicability we will most likely do the work at no charge as it enhances our library of handlers.

Add to: del.icio.us | Digg IT | Furl | Google | magnolia | StumbleIT | Wink | Yahoo! Technorati

Posted on May 26th, 2008 by Dave Webb and filed under Network Security |

Leave a Comment

Name

Mail (will not be published)

Website

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

Copyright InformationPrivacy Policy Site MapAbout UsMedia CentreReprint ServicesMobileFeedbackContact Us
PC World Canada Intergovworld.com Bio-IT World CIO Titles CMO ComputerWorld Titles CSO Darwin GamePro Infoworld Games.net
ITJobUniverse JavaWorld MacCentral MacWorld Network World Titles PCWorld Playlist IDG WorldWide Network