Cisco Security Monitoring, Analysis, and Response System
- Cisco Security Monitoring, Analysis, and Response System
-
Cisco Security Monitoring, Analysis, and Response System (MARS) is a security monitoring tool for network devices. Together with the Cisco Security Manager (CSM) product, MARS make up the 2 primary components of the Cisco Security Management Suite.
MARS is an appliance-based solution that provides insight and control of existing security deployments. It can monitor security events and information from a wide variety of sources, including third-party devices and hosts. The correlation engine in MARS can identify anomalous behavior and security threats and can use large amounts of information collected for forensics analysis and compliance reporting.
Features
- Learns the topology, configuration and behavior of your environment
- Automatically updates knowledge of new Cisco IPS signatures, for up to the minute reporting on your environment
- Promotes awareness of environmental anomalies with network behavior analysis using NetFlow and syslog
- Provides simple access to audit compliance reports with more than 150 ready-to-use customizable reports
- Makes precise recommendations for threat mitigation, including the ability to visualize the attack path and identify the source of the threat with detailed topological graphs that simplify security response at Layer 2 and Layer 3
- Integrates with the Cisco Security Manager to correlate security events with the configured firewall rules and intrusion prevention system (IPS) signatures that can affect the security event.
Supported Types
MARS centrally aggregates logs and events from a wide range of popular devices:
- network devices (such as routers and switches)
- security devices and applications (such as firewalls, intrusion detection systems vulnerability scanners, and antivirus software)
- hosts (such as Microsoft Windows, Sun Microsystems Solaris, and Linux syslog)
- server-based applications (such as databases, Web servers, and authentication servers)
- Note: Web logging is only supported on hosts running Microsoft IIS on Windows, Apache on Solaris or Linux, or iPlanet on Solaris.[1]
- Note: Hosts running Microsoft IIS on Windows need to run InterSect Alliance SNARE for IIS, from which MARS receives web log data.[2]
- network traffic (such as Cisco NetFlow).
References
External links
Wikimedia Foundation.
2010.
Look at other dictionaries:
Cisco Career Certifications — are IT Professional certifications for Cisco Systems products. The tests are administered by Pearson VUE. There are five levels of certification: Entry, Associate, Professional, Expert, and Architect, as well as seven different paths, Routing… … Wikipedia
Cisco Certified Network Associate — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
Cisco Certified Security Professional — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
Cisco Career Certifications — est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1 Entry Level 1.1 Cisco Certified Entry Networking Technician… … Wikipédia en Français
CCDA — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
CCDE — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
CCENT — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
CCIE — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
CCVP — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français
Ccsp — Cisco Career Certifications Cisco Career Certifications est un programme de certification professionnelle de la société Cisco Systems. Elles servent également de référence chez des constructeurs concurrents. Sommaire 1 Certification niveau 1… … Wikipédia en Français