Cisco Security Agent

From Wikipedia, the free encyclopedia

Cisco Security Agent
Developed by Okena/Cisco
Latest release 5.2.0 / 2007
OS Cross-platform
Genre Security / IPS
License Per-computer, through Cisco
Website Cisco Security Agent

Cisco Security Agent (CSA) is an endpoint intrusion prevention system made originally by Okena (formerly named StormWatch Agent) , which was bought by Cisco Systems in 2003. The software is rule-based and examines system activity and network traffic, determining which behaviors are normal and which may indicate an attack.

CSA uses a two or three-tier client-server architecture. The Management Center 'MC' (or Management Console) contains the program logic; an MS SQL database backend is used to store alerts and configuration information; the MC and SQL database may be co-resident on the same system. The Agent is installed on the desktops and/or servers to be protected. The Agent communicates with the Management Center, sending logged events to the Management Center and receiving updates in rules when they occur.

[edit] See also

[edit] External links