Capabilities
NIDS and Traffic analysis support
- Suricata Management
- Zeek Management
- Moloch Management
Top capabilities
- OpenRules
- Analyzer
- Groups
Traffic transport and management
- Software TAP NODE side
- Software TAP MASTER side
- Traffic dispatcher MASTER side
- Traffic Forwarder CLIENT side (Linux - Windows)
OwlH Plugins
- MAC management
- Known Ports management
- DNS data exfiltration analysis
Others
- RBAC management
- User Authentication using LDAP
- Change Control records
- Internal incident records
- OwlH software update