Monitor and Protect Network

CS-MARS Investigation

Cisco Security Monitoring, Analysis, and Response System (CS-MARS) is an incident management system. It is designed to correlate security event notification and log file entries to identify network security incidents. It will rate the severity of an event as well as determine the possibility of a false positive alert. The purpose of this investigation is to evaluate the suitability of the CS-MARS product to the Iowa State University network environment as a tool for security response and policy enforcement.

Status

The project has integrated log messages from both network equipment and computer servers with intrusion detection alerts. The project team is now working on tuning the system to the Iowa State environment to reduce the false-positive rate.

Intrusion Detection

Implement an Intrusion Detection System (IDS) for network security.

Status

The IDS system is installed and functional.

Contact

• Andy Weisskopf

Copyright © 1995-2007, Iowa State University of Science and Technology. All rights reserved.

• ISU INDEX
• A
• B
• C
• D
• E
• F
• G
• H
• I
• J
• K
• L
• M
• N
• O
• P
• Q
• R
• S
• T
• U
• V
• W
• X
• Y
• Z