The Applied Watch Agent is modular, allowing the user to choose which open source applications to support. The Applied Watch Agent makes command and control of Snort® possible through a user-friendly wizard that streamlines the Snort® deployment process. A process that previously took hours and days is simplified by the Agent into a two-step process that enables the user to have Snort® up and running in a few short minutes. Snort® alerts are monitored via the unified binary output log, the fastest logging mechanism Snort® supports.
Snort® is a free open source network IDS maintained by Sourcefire, Inc.
Barnyard is a script developed by Sourcefire that monitors a Snort unified binary output logfile and sends the alerts to a remote MySQL or PostgreSQL database using the Snort schema.
LaBrea Tarpit is a "sticky" honeypot that traps hackers, worms, and other malware in a virtual honeypot, keeping them away from mission-critical servers.
Syslog-NG stands for Syslog Next Generation and has quickly replaced the now antiquated Syslog. Syslog-NG integrates support for TCP and encryption, providing reliability and security to Syslog.
Applied Watch offers a line of open source appliances that run the Applied Watch Agent. Different Agent appliances are available depending on the bandwidth requirements, from 100mb to Gigabit speeds. Each purpose-built open source appliance can be configured to run certain open source applications depending on its role.
The Applied Watch Agent appliances have been designed from the ground up to service the requirements of any organization looking to adopt open source security software. Each appliance includes all of the open source tools the Applied Watch Command Center supports and can be upgraded over the Internet. Additional supported open source tools can be downloaded as packages via Yum from the central Applied Watch Yum server.
The Applied Watch Agent appliances are meant to act as a combined Snort® Intrusion Detection and Prevention System, a network traffic analyzer via ntop, a sticky honeypot through LaBrea Tarpit, a network and system monitor via Nagios or OpenNMS, or a distributed Nessus vulnerability scanner. Whatever the requirements of the Agent appliance are, it acts as a simple black box that can be dropped into any network environment, eliminating the complexities of deploying and managing open source security software in the enterprise.