Applied Watch Technologies

Applied Watch Dashboard

An Intuitive View

The Applied Watch Dashboard is the Graphical User Interface (GUI) to the entire Applied Watch Command Center infrastructure. Users are able to manage, monitor, and respond to threats detected by remote Snort® IDS sensors managed by the Applied Watch Agent. The Applied Watch Dashboard is written entirely in Java, giving the user flexible deployment options across any Operating System that supports the Java Runtime Environment (JRE). This includes Mac, Unix, Linux, and Windows.

The Applied Watch Dashboard offers real-time monitoring of alerts that are sent in from disparate Applied Watch Agents monitoring Snort®, allowing the user to take decisive action on threats to the network. Through a polished user interface that provides an enterprise facelift to open source security applications such as Snort®, organizations no longer have to use multiple scripts and web interfaces to manage their Snort® sensors.


The Applied Watch Dashboard provides:

  1. Policy Manager for designing, managing, and updating the rulesets for multiple Snort® sensors
  2. Real-time alert tables for remote Snort® sensors
  3. Helpdesk ticketing system for incident investigations and threat mitigation
  4. Intrusion Analyst journals for storing notes on IDS and IPS events
  5. A heartbeat monitor for visual indications of what Agents and Snort® processes are up and running
  6. IDS Denial of Service (DoS) attack suppression
  7. A unique user and group privilege separation system for restricting access to Snort® sensors from certain groups
  8. New Snort® rule download wizard and unattended update system
  9. And more

Applied Watch Dashboard Features

The Applied Watch Dashboard exercises real-time alert monitoring capabilities that competing browser-based solutions are unable to match. As a robust Java-based application, the Dashboard can be installed on virtually any Operating System that supports JRE.

The Main Alert View

The main alert view offers sortable columns in the real-time alert tables for filtering out events of interest. When double-clicking on an alert, the user is presented with an aggregated alert view of every event for that Snort® Signature ID (SID), which is how the event data is aggregated. The user has the option to dissect an event further by reviewing the entire packet dump from layer 1 to 7 in both HEX and ASCII.

The Policy Manager

Unique to the Applied Watch Command Center is the most powerful tool for creating, managing, and assigning rulesets to remote Snort® sensors. The Applied Watch Dashboard's Policy Manager provides a graphical interface to the unattended downloading and updating of new Snort® rules from snort.org, bleedingedge, and offline media. The Policy Manager allows everyone from the most novice Snort® user to the more experienced to create new Snort® rules in seconds, a task that previously could take much longer depending on the user's understanding of the Snort® rule language.

The Dashboard Policy Manager offers tools not previously available to Snort® users, such as a policy backup and restore system, a Wizard-driven interface for validating Snort® rules, graphical interfaces for managing the snort.conf file, and a browser tab for researching Snort® signature references.

