I just got mars and it doesn't seem to do the correlation properly. Maybe I
haven't configured it to send alerts well.
Dinesh.
-----Original Message-----
From: Greg Owens Jr [mailto:gowens@covad.net]
Sent: Wednesday, November 16, 2005 9:52 PM
To: Roger.Richardson@mcdata.com; rforsythe@5280tech.com;
phunkodelic@gmail.com
Cc: firewalls@securityfocus.com
Subject: RE: Pix Syslog analysis tools? (MARS)
I have reviewed MARS and my job is purchasing it this year. Cisco allowed
us to demo the product and I like it
Greg Owens Jr
202-489-5252
--------------------------------------------------
Sent via my Samsung I730 Phone
-----Original Message-----
>From: "Roger Richardson"<Roger.Richardson@mcdata.com>
>Sent: 11/15/05 11:05:18 AM
>To: "Greg Owens Jr"<gowens@covad.net>,
"rforsythe@5280tech.com"<rforsythe@5280tech.com>,
"phunkodelic@gmail.com"<phunkodelic@gmail.com>
>Cc: "firewalls@securityfocus.com"<firewalls@securityfocus.com>
>Subject: RE: Pix Syslog analysis tools? (MARS)
>
>
>
>Greg,
>Do you have any experience with the MARS system and what are your
>thoughts on it.
>
>
>Thanks Roger.
>
>-----Original Message-----
>From: Greg Owens Jr [mailto:gowens@covad.net]
>Sent: Monday, November 07, 2005 1:35 PM
>To: rforsythe@5280tech.com; phunkodelic@gmail.com
>Cc: firewalls@securityfocus.com
>Subject: Re: Pix Syslog analysis tools?
>
>Youmay want to try cisco MARS
>
>Greg Owens Jr
>
>--------------------------------------------------
>Sent via my Samsung I730 Phone
>
>
>-----Original Message-----
> >From: "Ralph Forsythe"<rforsythe@5280tech.com>
> >Sent: 11/7/05 1:25:43 PM
> >To: "phunked up!"<phunkodelic@gmail.com>
> >Cc: "firewalls@securityfocus.com"<firewalls@securityfocus.com>
> >Subject: Re: Pix Syslog analysis tools?
> >Check out Sawmill. I've been evaluating it lately and quite
>honestly ... it rocks! You can evaluate for 30 days free in trial mode,
>and a single-seat license is quite inexpensive (and well worth it IMO).
> >
> >- Ralph
> >
> >phunked up! wrote:
> >> Are there any good ones to use that are free or are relativly
>inexpensive?
> >>
> >> Any help would be mucha appreciated.
> >>
> >> Thanks!
> >>
> >
> >
>
>
>SPECIAL NOTICE
>
>All information transmitted hereby is intended only for the use of the
>addressee(s) named above and may contain confidential and privileged
>information. Any unauthorized review, use, disclosure or distribution
>of confidential and privileged information is prohibited. If the reader
>of this message is not the intended recipient(s) or the employee or
agent
>responsible for delivering the message to the intended recipient, you
are
>hereby notified that you must not read this transmission and that
disclosure,
>copying, printing, distribution or use of any of the information
contained
>in or attached to this transmission is STRICTLY PROHIBITED.
>
>Anyone who receives confidential and privileged information in error
should
>notify us immediately by telephone and mail the original message to us
at
>the above address and destroy all copies. To the extent any portion of
this
>communication contains public information, no such restrictions apply to
that
>information. (gate01)
>
>
DISCLAIMER:
This email is confidential and may be privileged. If you are not the intended
recipient, please delete it and notify us immediately. Please do not copy or
use it for any purpose, or disclose its contents to any other person as it may
be an offence under the Official Secrets Act. Thank you.
