SECURITY TECHNOLOGY
Intrusion Detection
Intruder Alert™ 3.5
Host-Based Intrusion Detection and Security Policy Management
KEY POINTS
As organizations increasingly rely on the Internet for communication, collaboration, and income, the
need for security solutions that keep intruders out while providing secure access to customers and
∆
Monitors user actions continuously
to detect and prevent unauthorized activity
∆
Provides powerful Intrusion
Detection System (IDS) policy
creation and customization
∆
Ensures that current policies are
enforced with the immediate
deployment of new or modified
IDS policies and signatures
∆
Illustrates activity in concise
tables and graphs for both host
and network IDS activity
∆
Collects and securely preserves
audit data for archival and postevent analysis
∆
Allows administrators to manage
network-wide responses from a
single console
partners has grown dramatically. While firewalls and strong authentication help secure systems from
unauthorized intrusion, they do little to protect against expert hackers or authorized users with malicious
intent. By monitoring systems for patterns of abuse and warning of potential problems, Symantec
Intruder Alert provides administrators with a solution for taking proactive security steps before information is stolen or systems are misused.
√
Real-Time Monitoring Detects Malicious Activity
Intruder Alert detects unauthorized and malicious activity, keeping systems, applications, and data
secure from misuse and abuse. Real-time monitoring notifies administrators of system threats,
enabling them to take precautionary actions to prevent information theft or loss. Intruder Alert allows
administrators to create and deploy new policies, while actively maintaining the availability and
integrity of systems and data. And it provides the ability to centrally collect and securely archive audit
logs for post-event analysis.
√
Advanced Monitoring and Updates—Across All Major Platforms
Intruder Alert provides complete control over systems with policy-based monitoring that determines
which systems and activities to monitor and what actions to take. It includes a full complement of
tools that allow administrators to quickly create and apply new rules and provides real-time intrusion
detection updates in the form of tables and graphs—for both
host and network components. Specialized software agents
support most server platforms, including Windows NT,® most
commercial versions of UNIX,® and Novell™ NetWare.™ Intruder
Alert can also be configured to watch important Web or database applications running on servers.
Intruder Alert offers a variety of options for analyzing an organization’s security posture.
Symantec INTRUDER ALERT
√
A Powerful Administration Console for Enterprise Management
The Intruder Alert console allows administrators to define security roles, enabling the delegation and
separation of security administration. Silent install and remote tune-up make it easy to deploy the
software and maintain the system. And to make it even easier, administrative wizards perform many
routine tasks.
√
Integration Modules for Popular Management Systems
Intruder Alert provides integration modules to provide continuous, central monitoring of key servers
and applications on Tivoli Enterprise,™ BMC Patrol, and HP OpenView™ managed systems. Intruder
Alert fully integrates NetProwler™ SNMP capabilities to provide a complete IDS for protecting the
enterprise network. If Intruder Alert detects a security threat, it automatically sounds an alarm or
takes other pre-determined steps—such as forwarding the event to the appropriate console—to stop
a loss of data.
SYMANTEC INTRUDER ALERT IS A KEY COMPONENT OF SYMANTEC ENTERPRISE SECURITY. SYMANTEC ENTERPRISE SECURITY
COMBINES WORLD-CLASS TECHNOLOGIES, COMPREHENSIVE SERVICES, AND GLOBAL EMERGENCY RESPONSE TEAMS TO HELP
BUSINESSES RUN SECURELY AND WITH CONFIDENCE.
SYSTEM REQUIREMENTS
INTRUDER ALERT 3.5
• Management Console: Windows NT,
HP-UX, Sun Solaris™
• Agents: AIX, Digital UNIX,™ HP-UX,
Solaris, Windows NT, NetWare
WORLD HEADQUARTERS
20330 Stevens Creek Blvd.
For Product Information
Cupertino, CA 95014 U.S.A.
In the U.S., call toll-free
1.408.253.9600
800.745.6054.
1.800.441.7234
• Manager: AIX, HP-UX, Solaris, Windows NT
www.symantec.com
Symantec has worldwide
operations in 36 countries.
For specific country
offices and contact numbers
please visit our Web site.
Symantec and the Symantec logo are U.S. registered trademarks of Symantec Corporation. All other brands and products are trademarks of their respective holder/s.
© 2001 Symantec Corporation. All rights reserved. Printed in the U.S.A. 04/01 All product information is subject to change.
16-71-00068