We wanted to have a challenge by integrating many applications, due to the need to work more efficiently, have all data in one place and find malicious traffic in our office network.

What it does

In just a few words: A lot.

  1. Intrusion Detection System - finding and preventing threat attacks in our network
  2. Management of virtual Zitec Assets - IPs, Servers, Virtual Machines, Operating Systems, Network devices
  3. Presenting graphs for network traffic

How we built it

At first we read up on IDS / IPS systems and tested the most popular ones. Then, after we decided which one to use, we started installing packages, configured various settings to capture the dataflows of the network and made a web interface for displaying data to users, so they would be aware of the attacks / trojans / vulnerabilities regarding their computers on the network.

Challenges we ran into

We needed to select the best IDS system, based on performance, configuration options, features and many other factors.

Accomplishments that we're proud of

Integrating 5 different pieces of software into a single point of presentation.

What we learned

We learned to integrate open-source solutions, a little Ruby, some packet capturing in the network, and, most importantly, we found out what traffic we have in our network.

What's next for this project

We want to integrate even more, because this will lead to reduced costs and less time wasted searching for assets in different documents or applications.

Built With

  • ids
  • ips
  • php
  • snort
  • suricata