Cisco Security Agent
From Wikipedia, the free encyclopedia
Cisco Security Agent | |
---|---|
Developed by | Okena/Cisco |
Latest release | 5.2.0 / 2007 |
OS | Cross-platform |
Genre | Security / IPS |
License | Per-computer, through Cisco |
Website | Cisco Security Agent |
Cisco Security Agent (CSA) is an endpoint intrusion prevention system made originally by Okena (formerly named StormWatch Agent) , which was bought by Cisco Systems in 2003. The software is rule-based and examines system activity and network traffic, determining which behaviors are normal and which may indicate an attack.
CSA uses a two or three-tier client-server architecture. The Management Center 'MC' (or Management Console) contains the program logic; an MS SQL database backend is used to store alerts and configuration information; the MC and SQL database may be co-resident on the same system. The Agent is installed on the desktops and/or servers to be protected. The Agent communicates with the Management Center, sending logged events to the Management Center and receiving updates in rules when they occur.
[edit] See also
- Network Intrusion Prevention System
[edit] External links
- Cisco Security Agent - Cisco's product page for the Agent software
- Cisco IT Case Study about Cisco Security Agent