HOME               COMPANY             PRODUCTS             SUPPORT             CONTACT US             PARTNERS             PARTNERS
Products

Information Security

IDS/IPS Policy Editor (IPE)  |  ClearView Reporting Suite  |

IDS/IPS Policy Editor (IPE)

Product Overview

The IDS/IPS Policy Editor (IPE)) application is a software product developed by NWG Technologies, L.L.C. It is used to view, edit and manage policies on ISS RealSecure ® IDS/IPS products.

As a value-added utility, IPE provides multiple functions that the ISS Policy Editor does not have. The benefits of IPE include:

  • Administrative Cost Savings - Using IPE, security administrators will spend significantly less time and effort on editing and maintaining IDS/IPS policies.
  • Better Response to IDS Incidents - Without adding more personnel, security administrators can spend more time on IDS/IPS data analysis and incident response.
  • More Accurate IDS Alarms - A well-tuned IDS/IPS policy can greatly reduce the number of false alarms generated by IDS/IPS sensors.
  • Reporting Functions - Security administrators can use IPE to easily generate reports on IDS/IPS policies.
  • Reduce the Total Cost of Ownership on IDS/IPS Products - IPE can help security administrators to improve the overall efficiency and productivity.

IPE Features

IPE can process ISS RealSecure Network Sensor Version 7.x policies. There are two product versions designed to provide maximum value while meeting varying security objectives.

Basic IPE Advanced IPE *
Policy Display: IPE can display a sensor policy in a user-friendly GUI. XPU Integration: IPE can automatically detect and integrate a new XPU into IPE-managed sensor policies.
Signature Detail Display: IPE can display details on a single signature, including response definitions, detailed description and the XPU version in which this signature was first added. Policy Version Control: IPE will save each version of a policy. This capability allows the user to roll-back to any previous version if necessary.
Record Sorting: IPE can sort all records (signatures) in a policy based on event name, enable status, priority (High/Medium/Low), category (Attack/Audit) or group. Policy Change Log: IPE can generate audit logs for administrators to track the changes.
Record Filtering: IPE allows a user to display only signatures meeting certain criteria. Signatures can be filtered based on event name, enable status, priority, category, group and XPU version. Reporting: IPE allows administrators to generate, save, or print out reports on sensor policies.
Editing a Single Signature: IPE can be used to edit a single signature and change its priority, enable status, priority, and response definitions. Editing Multiple Policies: IPE can be used to edit multiple sensor policies simultaneously.
Editing Multiple Records: IPE can be used to edit multiple signatures at the same time.  
XPU Signature Editing: IPE enables administrators to easily view and edit new signatures added by an XPU.  

* Advanced IPE includes all of the features of Basic IPE plus the features listed in this column.