Cisco MARS
We are currently testing the installation of a new security monitoring device called Cisco MARS. Basically, it watches the network for anomalies by aggregating logs from all of our servers and network devices. It does everything from watching for IIS or Apache getting hacked to virus outbreaks. It can trace a virus outbreak back to the first machine that was infected and allows us to stop the outbreak by shutting down ports as needed. Pretty interesting stuff. We are hoping that it will shed some light on our bandwidth issues as well.
