Prelude Compatibility

Prelude is a SEM system capable of interoperating with all the systems available on the market.

Prelude provides a C, C++, Python, Ruby, Lua and Perl framework so that you can convert existing security applications to use the Prelude system (Native compatibility). It also provides some home-made sensors such as the Prelude-LML log analyzer (Log Compatibility) or the Prelude-Import data importer which is a commercial module. A Prelude sensor is a program which has the ability of using the Prelude framework.

Native Compatibility

The native compatibility existing between Prelude and certain security solutions improves the quality of the data collection and configuration possibilities.

AuditD The Linux Audit Daemon
Nepenthes A versatile tool to collect malware
ufwi-filterd An identity access management solution at the network level
OSSEC An Open Source Host-based Intrusion Detection System
Pam Linux Pluggable Authentication Modules
Samhain A file integrity checker
Sancp A network traffic statistical information collector
Snort The Defacto Standard Open Source IDS
Suricata (new) Maybe the future Defacto Standard Open Source IDS

Learn more and install the Prelude native sensors with the 3rd Party Agent Installation Page

Log Compatibility

Prelude depends on no single brand or format and is capable of analyzing any type of log (system logs, syslog, flat files, etc.)

Example of supported logs:
Firewall, Routers & VPN BIG-IP, Check Point, CISCO ASA, CISCO IOS, CISCO Router, CISCO VPN, D-Link, Ipchains, IpFw, Juniper Networks NetScreen, Linksys WAP11, ModSecurity v2, Netfilter, SonicGuard SonicWall, Symantec, xg45-datapower
IDS CISCO IPS, Portsentry, Shadow, Tripwire
Monitoring APC-EMU, ArpWatch, Dell OpenManage, Nagios
AntiVirus/AntiSpam ClamAV, P3Scan, SpamAssassin, Navce
Database Microsoft SQL Server, Oracle
SMTP/POP Server Exim, Postfix, Qpopper, Sendmail, Vpopmail
Web Server Apache
Vulnerability Scanner Nessus
Honeypots Honeyd, Honeytrap, Kojoney
Authentication OpenSSH, Su, Radius
Applications Asterisk, Cacti, Libsafe, Shadow Utils, Squid, Sudo, Cisco ACE, Pam, Pcanywhere
OS (security tools) GrSecurity, PaX, SELinux
Miscellaneous Unix specific logs, Webmin, Windows Server, Arbor, Linux bonding, Microsoft Cluster Service, NetApp ONTAP, NTSyslog, OpenHostAPD, Rishi, Suhosin, Vigor

framework.png View (12.1 KB) , 09/11/2008 04:45 PM