• United States
by Mandy Andress

How we did it

Jul 19, 20041 min

How we tested NetIQ’s Security Manager 5.0.

We set up a test bed to run a number of different products and systems to monitor. This included Windows 2000 Server; Microsoft Internet Information Server 5.0; Red Hat Linux 7.3; Apache 1.3.28; Linux firewall IPTables; Check Point NG; Snort 2.0; Cisco VPN Concentrator; Cisco Catalyst Switch 3500; NetScreen-100 running ScreenOS 2.5, Nessus and Solaris 2.8; McAfee Entercept; Tripwire; and Cisco Security Agent.

After device configuration, we created various filters and correlation events. We launched Blade Software’s IDS Informer, Nessus and Internet Security Systems Internet Scanner to trigger events in our devices. We sustained approximately 300 events per second during this testing. As events were logged, we created cases and incident investigation in the products that provided this functionality.

Back to review: “Security event management software”