Name: Astraeus Purpose: Web-Based Sensor Control and Data Analyzer for Snort IDS/IPS Updated: September 2, 2008 Category: Software

Astraeus is intended to provide complete control and analysis for a Snort IDS/IPS environment. Some of the features currently in development are:

• customizable dashboard
• event correlation (nessus, openvas, foundstone, etc)
• live events (graphs, stats, etc)
• multiple sensor support
• top events based on user settings
• multiple user accounts with different levels of access
• SQL command entry
• event search and browse capabilities
• customized email notifications
• cvs, pdf, text exports
• signature management
• full packet support with session rebuilding
• case management
• database connection encryption
• sensor stop/start
• sensor statistics and db usage

The software is written using J2EE / JavaServer Faces technology and will work with any standards-compliant application server. The following databases are natively supported:

• PostgreSQL 8.x
• IBM DB2 9
• Oracle 10g / 11g
• MySQL 5.x

Currently in development, with a beta release set for late 2008.