Aanval v6 is now available!
Posted on 04 December 2010
Aanval v6 (Grendel) was released Thursday (12/03/10) morning. It represents more than 9 months of development and is a significant milestone in the long, nearly 7 year history of the snort & syslog correlation console.
As we’ve been commenting on over the past several months, Aanval v6 is a major interation and one we are sure greatly improves information security efficiency and security event management.
Although now would seem an appropriate time to catch up on sleep, we have a lengthy list of enhancements and features planned for v6 and will continue to aggressively roll out new builds following our release early, release often methodology.
The interface for Aanval v6 was completely re-written in Flex 4, scrapping the entire previous Flex 3 interface. The backend remains MySQL / PHP, however dozens of updates and optimizations were made to improve performance and stability.
Aanval is quite a large project, comprised of several hundred thousand lines of code. A major portion of time for this release was spent working on the interface (Flex 4). If you follow me on Twitter, you’d have witnessed a bit of my frustrations with the latest releases of Flash Builder (the unstable, Eclipse based pile of junk). But I’ll save all of that joy and excitement for another post.
A couple of more notable features of Aanval v6, besides the new multi-tasking interface are the GeoLocation displays and the re-introduced event correlation system.
- GeoLocation with integrated Google Maps is now available in both real-time and search displays to provide a global, visual reference of event attack sources.
- The event correlation system has been re-introduced with an updated interface to group and rank events that may be related to one another.
For more information on Aanval v6, including upgrade details, new license purchasing, etc – see aanval.com
A short list of a few of Aanval v6’s new features and enhancements:
- All new live GeoLocation (Google Maps)
- All new event displays
- All new event correlation
- All new event browser
- All new live even monitor
- All new frequent X displays
- All new report management
- All new action management
- All new signature management
- All new datastore management
- All new policy management
- All new snort management
- All new syslog filter management
- All new installation and update system
- All new multi-tasking interface
- All new inter-display interaction
- All new look and feel
- And much… much, more
- Dozens of bug fixes are included, too numerous to list
A selection of screenshots, a few of these may be early release or even beta.
Aanval Snort & Syslog Intrusion Detection and Correlation Console
Aanval is the industry’s leading web-based gui for snort and syslog intrusion detection and correlation. Government security and defense organizations from more than a half dozen countries, educational institutions from around the world, global financial organizations as well as space exploration and military weapons manufacturers rely upon Aanval as a part of their security infrastructure.
Enjoy.
~moses
Responses are closed for this post.
LinkedIn
