Aanval v6 (Grendel) was released Thursday, 12/03/10. This new version represents more than 9 months of development and is a significant milestone in the 7 year history of the Aanval snort & syslog correlation console.
Aanval v6 is a major iteration, greatly improving information security efficiency and security event management. A lengthy list of additional enhancements and features are further planned for v6 as Tactical FLEX continues to aggressively roll out new builds following the company's methodology strategy of "release early, release often."
The interface for Aanval v6 was completely re-written with Adobe Flex 4, scrapping the entire previous Flex 3 interface. The backend remains MySQL / PHP, however dozens of updates and optimizations were made to improve performance and stability.
Aanval v6 is a large project, comprised of several hundred thousand lines of code. A major portion of time for this release was spent working on the interface (Flex 4). If you follow Loyal on Twitter, you have witnessed his frustrations with the latest releases of Flash Builder.
The most notable features of Aanval v6 are the new multi-tasking interface, the GeoLocation displays and the re-introduced event correlation system.
- GeoLocation with integrated Google Maps is now available in both real-time and search displays to provide a global, visual reference of event attack sources.
- The event correlation system has been re-introduced with an updated interface to group and rank events that may be related to one another.
A list of Aanval v6′s new features and enhancements:
- All new live GeoLocation (Google Maps)
- All new event displays
- All new event correlation
- All new event browser
- All new live event monitor
- All new frequent X displays
- All new report management
- All new action management
- All new signature management
- All new datastore management
- All new policy management
- All new snort management
- All new syslog filter management
- All new installation and update system
- All new multi-tasking interface
- All new inter-display interaction
- All new look and feel (GUI)
- And much… much, more
You can view a selection of screenshots on the Aanval Web site and download Aanval to give it a test drive.
Aanval Snort & Syslog Intrusion Detection and Correlation Console
Aanval is the industry’s leading web-based gui for snort and syslog intrusion detection and correlation. Government security and defense organizations from more than a half dozen countries, educational institutions from around the world, global financial organizations as well as space exploration and military weapons manufacturers rely upon Aanval as a part of their security infrastructure.
For more information on Aanval v6, including upgrade details, new license purchasing, etc contact me and visit www.aanval.com
Enjoy.
