Friday 17 July 2015

WHAT IS EINSTEIN?

Word of the Day

WhatIs.com

Daily updates on the latest technology terms | July 15, 2015

EINSTEIN

EINSTEIN is an intrusion detection system (IDS) for monitoring and analyzing Internet traffic as it moves in and out of United States federal government networks. EINSTEIN filters packets at the gateway and reports anomalies to the United States Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security.

EINSTEIN is designed to provide the federal government with a cohesive view of Internet threats and a centralized point of authority for dealing with potential threats. The second iteration of EINSTEIN included automatic alerts to US-CERT when activity matching predetermined patterns is detected. According to US-CERT, the patterns, which are called signatures, are not typically included in commercially available databases of known attack signatures, but are developed by US-CERT.

EINSTEIN 3 includes supplemental signatures developed by the National Security Agency (NSA) and uses real-time deep packet inspection (DPI). In addition to notifying US-CERT when a network intrusion is attempted, EINSTEIN 3 also alerts the agencies.

As with all intrusion detection systems, EINSTEIN's weakness is that it cannot detect threats that do not have an associated signature in EINSTEIN's database.

Quote of the Day

"EINSTEIN is just a monitoring system and at the end of the day, the asset owners need to take action on the alerts that the system is generating in a timely fashion." - Adam Meyer

Related Terms


intrusion detection
intrusion prevention
intrusion detection system
breach detection system
network intrusion prevention system
host intrusion prevention system

 

RELATED TAGS

Identity theft and data security breaches
Enterprise information security management

 

Required Reading

Government data breach puts EINSTEIN defense system under question
China-based hackers suspected in U.S. government data breach affecting up to 4 million federal personnel records. Experts question the DHS EINSTEIN defense system

 

 

 

 

CONTACT MARGARET ROUSE

Margaret Rouse

For feedback about any of our definitions or to send us suggestions for how to improve a definition, please contact me at: mrouse@techtarget.com

 

 

TechTarget

 

 
