Aanval Mini Appliance: FREE with License Purchase

FREE Aanval Mini Appliance Promotion in August

Now through the end of August, receive a FREE Aanval Mini appliance with the purchase of an Aanval SAS or Aanval SAS Enterprise license package. Purchase an Aanval SMB package and receive 50% off an Aanval Mini appliance.

Aanval Appliance

What is an Appliance?

We have brought the industry’s leading Snort and Syslog intrusion detection and correlation console together with the world’s most stable and advanced operating system and hardware combination.

The Aanval Mini appliance is a Mac mini-based all-in-one IDS and SIEM solution. Preconfigured with Snort and Aanval, this box comes drop-in ready for complete monitoring and management. 

Each appliance comes with one standard Ethernet interface designed for Snort monitoring. With a supplied Thunderbolt-to-Ethernet cable, a second management interface is added.

Already have an Aanval server?

Not a problem. The Mini appliance can be configured as a sensor-only device, designed to monitor and report to a local or remote Aanval server for logging, correlation, reporting, and management. 

Multiple Mini appliances can be deployed at remote sites. The Mini appliance is also rack mountable.

Aanval’s Enhanced Sensor and Appliance Management Features

Every appliance comes configured with Aanval’s Sensor Management Tools that allow the remote management of a sensor’s Snort signatures. Manually enable and disable signatures, and automatically receive daily signature updates on every active sensor.

Apple and Mac OS X

Elegant, reliable, and stable are just a few of the words that describe the world’s most advanced operating system combined with the industry’s highest quality hardware. Apple’s operating system and hardware were chosen for Aanval Appliances for their core Unix foundation and overall superior quality. Mac OS X is an Open Brand Unix 03 Registered Product.


Configured for Your Environment

All appliances may be custom configured with specific destination network details (IP, DNS, etc.), ensuring the installation is as simple as plugging in and powering on the Appliance. Appliances may further be installed with a selection of security tools including tcpdump (packet sniffing), Nmap (port scanning), Nessus (vulnerability scanning), and more.

Get Your FREE Appliance!

Purchases can be made securely online at https://www.aanval.com/purchase and through the friendly and knowledgeable sales staff at Tactical FLEX!

Learn more about Aanval at https://www.aanval.com/aanval 

Aanval SAS: Syslog Aggregation, Management, and Archiving

Snort and Syslog

Aanval is the longest running Snort front-end. While many users choose Aanval for its IDS capabilities and tools, many others find Aanval’s syslog options invaluable and use only those, especially users with all-in-one firewall or syslog solutions that host an IDS like Snort alongside multiple device log feeds.

Syslog Setup and Options

Aanval is capable of importing, storing, managing, and even archiving syslog events from any device capable of external logging. This is done in one of two ways: Aanval can fetch syslog events from a log file, or the events can be exported directly to the console over port 514.

Using a universally known and used logging format like syslog, Aanval can be fed events from hundreds and hundreds of devices. Aanval then uses the universally known and used parsing language of Regular Expressions (regex). With regex, users can completely customize each individual syslog feed (sensor) to format and display the details necessary.

Exclusive and Enhanced Syslog Management Tools

On top of using such universal and valuable tools for syslog importing and customization, Aanval adds enhanced features to parse deeply wedged data where basic regex might fail or the regex itself would be too complex. Using a double tilde (~~), users can link two separate regular expressions so that Aanval treats them as one expression: the console makes an initial search in the syslog string, then continues searching within the now smaller matched string to find the exact value needed.
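The two-stage narrowing described above, as an added Python illustration (not Aanval's code or its exact syntax rules). Only the `~~` separator comes from the page; the function name `extract`, the rule that each stage narrows to its first capture group, and the sample log line are assumptions constructed for the example.

```python
import re

SEP = "~~"  # separator named on the page; the evaluation rules below are assumed

def extract(chain, line):
    """Run each regex in `chain` against the text matched by the previous one."""
    text = line
    for pattern in chain.split(SEP):
        m = re.search(pattern, text)
        if m is None:
            return None  # a stage found nothing: report no value, not a guess
        # Assumption: narrow to capture group 1 when it matched, else the whole match.
        narrowed = m.group(1) if m.re.groups else None
        text = narrowed if narrowed is not None else m.group(0)
    return text

# Constructed sample: a NAT log where "src=" appears in two bracketed sections.
LINE = ("<134>Aug 21 22:48:32 fw01 nat: action=allow "
        "orig=[src=10.0.0.5 dst=198.51.100.2 dport=443] "
        "xlat=[src=203.0.113.7 dst=198.51.100.2 dport=8443]")

def demo():
    return {
        # One regex grabs the first "src=", which is the wrong section here.
        "single": extract(r"src=(\S+)", LINE),
        # Stage 1 isolates the xlat=[...] section, stage 2 searches only inside it.
        "chained": extract(r"xlat=\[([^\]]*)\]" + SEP + r"src=(\S+)", LINE),
        # A field absent from the narrowed section yields None.
        "missing": extract(r"xlat=\[([^\]]*)\]" + SEP + r"proto=(\S+)", LINE),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:8} -> {value}")
```

Because the second stage sees only the text the first stage matched, a field name that repeats elsewhere in the line cannot be picked up by mistake, which matters when the extracted value feeds correlation or alerting.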

Data archiving is simple with Aanval’s Syslog Mirroring tool, providing users the ability to export all Aanval-imported events in a user-defined format to another device.

Syslog Event Management

With syslog data imported, customized, and normalized to environment specs, users can then take advantage of Aanval’s event management tools like Live Correlation and GeoLocation, Automated Actions and Alerts, Situational Awareness, and Advanced Reporting that includes detailed on-demand, scheduled, and emailed reports.

Benefits of Aanval SAS with Syslog

With Aanval SAS, users receive the capability to import and manage an unlimited number of syslog feeds (sensors). Additionally, there are no data caps. We encourage the community to send Aanval anything and everything, to enhance network visibility. Users also receive telephone and remote support, and console maintenance, so that they’ll always have access to the latest fixes, features, and even major revisions.

See Also

Visit our support wiki for more details on setting up and using Aanval’s advanced syslog tools:

Syslog Setup

Syslog Mirroring

Contact our sales team for more information on how you can use syslog management with Aanval in your environment:

(800) 921-2584

sales.group [at] tacticalflex.com