TOC & Recently Viewed

Recently Viewed Topics

IDS Configuration

LCE has the ability to receive IDS events from multiple sources. In addition to being normalized and stored in the log database, each event will be checked against any SecurityCenter vulnerability databases. If a host is vulnerable to attack, the event is marked as such, allowing rules to trigger on this scenario so that the information can be distributed to the affected administrators.

For each IDS sensor, a sensor name and type must be defined as in the example below. The following sensor types are supported:

  • Snort
  • Bro
  • RealSecure
  • Dragon
  • IntruVert
  • IntruShield
  • Juniper
  • NetScreen
  • NFR
  • Fortinet
  • Cisco
  • TippingPoint-Sensor
  • TippingPoint-SMS

The following table describes the options that are available.

Option Description

IDS IP

The IP address of the IDS.

Sensor Name

Name to be used within the SecurityCenter logs.

Sensor Type

IDS sensor type.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.