Source projects. The first release will be Harvester, which provides software for the robust data collection,consolidation, archiving and analysis of network, system, application, user activity for security related events.
All farm9?s Open Source projects will be consolidated at
www.farm9.org
and available to the public on September 3, 2002. Existing open source projects from farm9 that will move to this site are CryptCat and other encryption, testing and auditing tools. As a true open source solution, the software will be available free of charge and comes with source code and a comprehensive set of tools and utilities for deploying into any environment.
Features
The open source project for Harvester will be jumpstarted based on the existing software developed by farm9. The current code-base in production has processed in excess of 100 million events in a single month.
Harvester is currently based on the following open source tools: OpenBSD, Linux, Mysql, Apache, PHP, Zope, Perl, Python, Sabernet, Jpgraph, Snort, Nessus, Whisker.
The core engine provides near real -time data collection from host systems (web, mail, etc), network infrastructure systems (router, switch, DNS, PDC/BDC, etc.) and security infrastructure systems (firewall, IDS, VPN, etc.).
Robust consolidation is provided through a centralized database repository. The scoring system provides for standardizing event priorities across different system types and can be used for customizing scores for specific environments. A separate plug-in module provides automation of audit trail archiving.
Comprehensive analysis is provided across several modules, these are correlation, vulnerability management and event management modules. Vulnerability management combines system testing with osvdb.org vulnerability alerts. Event management provides ticket creation, escalation, tracking and reporting capabilities.
Timeline
All farm9?s Open Source projects will be consolidated at www.farm9.org and available to the public on September 3, 2002. Harvester information will include:
o Project Objectives
o Architectural Documentation
o Technical Specification Draft
o FAQs
o Facility for Soliciting Comments
The first code release of Harvester is slated for October 2002 and will include:
o Revised Technical Specification
o Core engine for collection and consolidation
o DB module for MySQL
o Archiving module
o Agent modules for integrating various sensors
o Common scoring engine
o API for adding additional agent modules
A second release slated for December 2002 and will include bug fixes and an enhanced installation process. Why farm9 is Doing This
farm9 primary business is providing security services to our clients. Our investment in developing robust security software has allowed us to offer scalable and profitable services. The primary value to our clients is in the 24×7 monitoring, analysis and support that we provide.
farm9 believes that a strong commitment to the Open Source community will help us build better name recognition and obtain access to new clients that have 24×7 operation staff but want commercial technical support for the software.
As an Open Source project the software will be enhanced through peer review and result in extensible high-quality code, secure design and wider industry expert participation in defining functionality & features.
About farm9
farm9 was founded as a California corporation in March of 2000 and is privately held. Farm9 has facilities located in Oakland California. farm9 is a leading provider of subscription based managed services and complementary professional services protecting our clients? critical computing infrastructure. This combined service approach allows farm9 to provide customized end-to-end security solutions to the specific requirements of Financial Services, HealthCare and Internet-driven organizations.
Category:
- Open Source