Snort Security Platform (SnortSP) Beta

The SnortSP architecture consists of two primary components: a software platform called the Snort Security Platform (SnortSP), which is shipping in beta form in this release, and traffic analysis engine modules that plug into SnortSP. This beta test release contains one engine module which contains the Snort 2.8.3 detection engine implemented as a SnortSP engine module. SnortSP is an open-source platform for running packet-based network security applications. It provides many of the common functions required by programs that deal with packet processing such as configuration loading, event generation and traffic logging, data acquisition, protocol decoding and validation, flow management, and more. SnortSP is a research project and is not slated to become part of the main Snort distribution at any time in the future. Many of the features in SnortSP have already been folded into the Snort 2.9.x product tree.

Major features:

  • Shell-based user interface with embedded scripting language
  • Native IPv6, MPLS and GRE support (This feature is now included in 2.9.x)
  • Native support for inline operation (This feature is now include in 2.9.x)
  • More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
  • Multithreaded execution model - multiple analysis engines may operate simultaneously on the same traffic (There are certain subsystems of 2.9.x that are now multi-threaded)
  • Performance increases

The purpose of this program is to allow people to get exposure to the technology and to use the code in real-world environments - and as an opportunity to solicit feedback on the design and user experience of the new Snort code as it evolves. All feedback on the beta should go to sspbeta@sourcefire.com.

SnortSP: Latest Beta Release

The purpose of this beta program is to allow people to get exposure to the technology and to use the code in real-world environments – and as an opportunity to solicit feedback on the design and user experience of the new Snort code as it evolves. All feedback on the beta should go to sspbeta<at>sourcefire<dot>com.

README

01 Apr, 2009

snortsp-3.0.0b3-release-notes.txt

Source

MD5 SIG - 01 Apr, 2009

snortsp-3.0.0b3.tar.gz