ICSA Labs IDS Consortium Announces Network Intrusion Detection System Alert Specification Format.


Business Editors/High-Tech Writers

MECHANICSBURG, Pa.--(BUSINESS WIRE)--Feb. 23, 2004

Industry Experts from Cisco, Internet Security Systems and Sourcefire Join Forces to Develop the Security Device Event Exchange Transport Protocol Specification

ICSA Labs(R), an independent division of TruSecure(R) Corporation, today announced the development of the Security Device Event Exchange (SDEE), an intrusion detection system (IDS) alert format and transport protocol specification. SDEE is an XML-based alert format adopted by the members of the ICSA Labs Intrusion Detection Consortia and created by Cisco Systems and other leading IDS vendors including Internet Security Systems, Inc. (ISS) and Sourcefire.

IDSC members Jeff Platzer and Mike Hall of Cisco Systems, Robert Graham of ISS, Marty Roesch of Sourcefire and Marcus Ranum of TruSecure Corporation co-developed the SDEE transport protocol specification format; this team will manage future revisions to the specification.

"Cisco is pleased to have participated in the development of this specification, and help address the industry-wide challenge of normalizing event messages in a common format," said Mike Fuhrman, director of engineering at Cisco Systems. "This industry collaboration underscores the advancement of IDS technology adoption today."

SDEE specifies the format of the IDS alerts as well as the protocol used to communicate events generated by security devices. SDEE is flexible and extensible so vendors can utilize product-specific extensions in a way that maintains messaging compatibility. In addition, SDEE will provide corporations and security vendors better management of multiple vendor environments by having all alerts communicated in the same format. SDEE builds upon the XML, HTTP and SSL/TLS industry standards to facilitate adoption by vendors and users by allowing them to use existing software that implements these standard interfaces. For more information about SDEE, please visit http://www.icsalabs.com/html/communities/ids/sdee/ or contact Scott Markle at smarkle@icsalabs.com.

"This spirit of cooperation is what the Internet was based upon. Rather than a complicated standard that was hard to implement, we simply sat down together and solved the basic problem of getting our products talking to each other," said Robert Graham, chief scientist, Internet Security Systems, Inc.

"Consensus standards like this are an important indicator that a technology has matured and become mainstream. This effort is proof that meaningful and useful standards can be agreed-upon quickly and effectively, providing a great benefit for customers as well as IDS vendors and third parties," said Marcus Ranum of TruSecure Corporation.

About IDSC

ICSA Labs formed the IDSC consortium in 1998 to provide product developers an open forum within which they could work towards common goals. These goals include educating end-users, influencing industry standards and maintaining product and marketing integrity. Members meet on a quarterly basis and participate in ongoing discussions and cooperative projects such as certification criteria development, buyer's guides and white papers. Membership is open to any developer of intrusion detection and intrusion prevention systems.

Current members include: Cisco Systems, Inc., Fortinet, Internet Security Systems, Inc. (ISS), SecureWorks, Sourcefire, Inc., Symantec Corp. and Tripwire, Inc. A complete list of current IDSC Members can be found at: http://www.icsalabs.com/html/communities/ids/membership/index.shtml. For more information about the IDSC or the SDEE, please visit http://www.icsalabs.com.

About ICSA Labs

ICSA Labs, an independent division of TruSecure Corporation, offers vendor-agnostic testing and certification of security products. Hundreds of the world's top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests products in key technology categories such as anti-virus, firewall, IPSec VPN, cryptography, intrusion detection, PC firewall, content security, SSL-VPN and Wireless LAN.
COPYRIGHT 2004 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.
