The Bro Network Security Monitor v2.1 Public Beta available
Bro is a powerful network analysis framework that is much different from the typical IDS you may know.
Key Features
-
Adaptable
Bro’s domain-specific scripting language enables site-specific monitoring policies.
-
Efficient
Bro targets high-performance networks and is used operationally at a variety of large sites.
-
Flexible
Bro is not restricted to any particular detection approach and does not rely on traditional signatures.
-
Forensics
Bro comprehensively logs what it sees and provides a high-level archive of a network’s activity.
-
In-depth Analysis
Bro comes with analyzers for many protocols, enabling high-level semantic analysis at the application layer.
-
Highly Stateful
Bro keeps extensive application-layer state about the network it monitors.
-
Open Interfaces
Bro interfaces with other applications for real-time exchange of information.
-
Open Source
Bro comes with a BSD license, allowing for free use with virtually no restrictions.
While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Bro’s user community includes major universities, research labs, supercomputing centers, and open-science communities.
About V2.1
Bro 2.1 comes with extensive support for IPv6, tunnel decapsulation, a new input framework for integrating external information in real-time into the processing, support for load-balancing in BroControl, two new experimental log output formats (DataSeries, ElasticSearch), and many more improvements and fixes throughout the code base. See the NEWS for the preliminary release notes, and the CHANGES for the exhaustive commit list.
Bro has originally been developed by Vern Paxson, who continues to lead the project now jointly with a core team of researchers and developers at the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL
