Simpler provisioning, configuration, rule & IOC management, threat intel feed integration, alert shipping, and monitoring for Suricata open source intrusion detection system clusters.
Manage multiple Suricata clusters with tens of hosts from a single, easy-to-use GUI.
Configure any Suricata option without the need to edit text files.
Stop duct taping right and left, automate your IDS operations, reduce human error and provision IDS clusters in minutes.
Thousands of companies around the world use Suricata IDS/IPS to defend their networks.
Manage Suricata IDS clusters with ease: provision, configure & monitor clusters through an intuitive, easy-to-use web interface.
A step-by-step wizard for installing Suricata across many hosts at once, with multiple repositories to install packages from, including deploying to offline machines using the built-in packages repository, or your own custom-built packages!
Central management for starting, stopping and configuring Suricata & the logshipper (Filebeat) across the entire cluster, with a full history of all configuration changes, so you can revert back to them with a single click.
Collects key Suricata metrics, host health metrics, and loaded & failed rules, and displays them in one web interface.
Manage your IDS ruleset through a centralized web interface, with powerful search & filtering features.
Enable a Rules feed or manually import Rules from multiple files at once, while intelligently expiring old rule revisions and enabling the new ones, saving you precious time & effort to keep your rules updated.
Each Suricata host is integrated with IDSTower to periodically check for rule updates & apply them automatically.
Manage the rule life-cycle using rule status, organize rules into custom categories, and add custom tags/metadata to them to give analysts more context, all without editing a single text file.
Export IDSTower-Managed rules/IOCs to external Suricata installations or other systems in text, STIX2.1 format and more.
IDSTower lets you customize rules via the rule editor, and will parse and validate the rule syntax automatically, while intelligently inserting the changes you set into the final rule sent to the hosts.
Edit all of your rules through the web GUI, change the source code, set the category and even add tags to give your analysts more context.
Set Rule Priority, Target and other options without editing the rule source code! All the changes you set through the UI will be intelligently inserted into the final rule.
When you customize a rule through rule options, IDSTower will make sure to copy those customizations to the new rule revisions.
Enable commercial & open source threat intelligence feeds with a single click! Now with 14 pre-integrated rules & IOCs feeds and generic feeds support including TAXII/STIX, MISP and more!
IDSTower will ingest thousands of Indicators of Compromise from enabled feeds, extract their associated metadata, assign them a score, set an expiration date & expire them when they are no longer present in the feed, all automatically!
Each Suricata host is integrated with IDSTower to periodically check for indicator updates & apply them automatically.
All enabled indicators will be alerted on when they are detected in the monitored network traffic without you having to write any rules.
Manage Suricata hosts effectively, save time and money by automating manual work.
When you buy the Professional license, you get email support with it, and you can contact us at any time about issues concerning IDSTower. The Enterprise license offers tailored support as per the customer's needs.
We encourage you to test out IDSTower before buying it to make sure it fits your needs, that is why we offer a Free 30-day Trial (no credit card required!).
If 30 days are not enough, please contact us and we would love to help you out!
Although we would love to help, in order to keep our prices down we have decided not to include Suricata support in the price of our Professional License. If you are interested in getting Suricata support, the Enterprise License can fulfill this; please contact us to discuss the details.
You can get a Free 30-day Trial to test IDSTower and make sure it fits your needs. In case you need a longer testing period or require a specific feature that is missing, please contact us and we would love to help you out!
IDSTower has been tested on several Linux distributions, including CentOS & Ubuntu. Please refer to the system requirements section for more details.
The IDSTower installation wizard offers three different installation sources, among them custom user packages. All you need to do is place your custom-built Suricata packages on the IDSTower machine and you will be ready to go! Please refer to our documentation for more details.