"Detect - Retrieve - Analyze"
A Comprehensive NIDS Appliance Platform


Subukan Screenshots

The Subukan Sensor is controlled remotely via a rich Web Graphical User Interface (WebGUI). This interface allows Analysts and Administrators to configure the sensor and retrieve relevant alert data captured by the sensor. Highlights of the WebGUI's capabilities are shown below:



[Fig 1]

Review IDS Alert logs right on the sensor itself! Click on a log file, then click on an Alert name to see the details.



[Fig 2]

Instantly switch between rich text and plain text views; plain text views can be easily cut and pasted into documents and emails for reporting purposes.

These screens show the sensor's ability to track and tally "conversations" between hosts.



[Fig 3]

On-the-fly control of the sensor's log spooler. Traffic log and alert files generated by the sensor are stored on a virtual revolving FILO (first-in / last-out) spool device, so you never have 'run out of space' issues. These controls adjust how much space to allocate to each logging event.



[Fig 4]

The sensor can perform many tasks (jobs) such as searching through captured traffic logs or probing other hosts (as in this example). The job queue system allows you to keep track of jobs and view the results when the job completes. This mechanism frees the sensor to perform additional deep analysis jobs while not tying up the user or WebGUI with long wait sessions.



[Fig 5]

Subukan's operating system and entire software suite are contained in a single binary image file, or "firmware" (see yellow arrow in figure 5), which can be uploaded directly to the sensor via the network. One reboot and the system is completely updated! Furthermore, previous firmware images can be kept so you can easily roll back the sensor to a previous state.

Additionally, the sensor has a single configuration file (see red arrow) which can also be rolled back, archived, viewed, and downloaded for safekeeping.



[Fig 6]

Monitoring the sensor's health couldn't be easier. The WebGUI comes equipped with various screens that report all areas of the sensor's condition and state, such as CPU, memory, storage space consumption, and running services.




Copyright 2009 Subukan.com