OwlH helps integrate and manage multiple NIDS solutions by providing centralized management. To accomplish this, we deploy different components.
OwlH provides the flexibility and scalability to integrate with third-party solutions such as Moloch for forensics, and many others. You can grow as needed in your network.
An appliance running the centralized management API. All centralized tasks happen here: configurations, synchronizations.
An appliance that includes NIDS software such as Suricata and/or Zeek. This appliance can listen to network traffic, analyze it and forward the analysis results to a storage and visualization platform like ELK or Splunk. It also helps with network traffic transport in our Software TAP configuration.
The graphical user interface that provides easy access to, and visualization of, all management capabilities.