various security tools and correlating the events

In this section we are presenting the wok that has been done up to now in the area of Integrity of various security tools and correlating the events from the integrated tools and at last how the visualization tools can help in providing the results that can be interpreted easily. YING-DAR LIN, HUAN-YUN WEI AND SHAO-TANG YU, [1] discusses how the integrated security gateway can be implemented using the open source packages. These open source packages ensure the interoperability between the packages. Glenn A. Fink, Paul Muessig, and Chris North [4] introduces Portall, visualization tool that gives system administrators a view of the communicating processes on the monitored machine correlated with the network activity in which the processes participate.  Ron Gula[5] presents the vulnerability correlation with the IDS alerts and specify two methods of correlating the vulnerability with the IDS alerts. These are Persistent VA/IDS Correlation and near time VA/IDS Correlation. netForensics[6] integrates three distinct yet complimentary forms of event correlation – the first is rules based correlation which separates false positive security alarms from potentially significant security incidents by invoking "time aware" security policy rules for each event received from IDS, OS, APPS, or AVS  devices monitored by netForensics. The second is Statistical Correlation and third one is Vulnerability correlation. Robert Ball, Glenn A. Fink, Anand Rathi, Sumit Shah, and Chris North [7]  explains a tool named VISUAL (Visual Information Security Utility for Administration Live) that provides insight for networks with up to 2,500 home hosts and 10,000 external hosts, shows the relative activity of hosts, displays them in a constant relative position, and reveals the ports and protocols used.

various security tools and correlating the events

In this section we are presenting the wok that has been done up to now in the area of Integrity of various security tools and correlating the events from the integrated tools and at last how the visualization tools can help in providing the results that can be interpreted easily. YING-DAR LIN, HUAN-YUN WEI AND SHAO-TANG YU, [1] discusses how the integrated security gateway can be implemented using the open source packages. These open source packages ensure the interoperability between the packages. Glenn A. Fink, Paul Muessig, and Chris North [4] introduces Portall, visualization tool that gives system administrators a view of the communicating processes on the monitored machine correlated with the network activity in which the processes participate.  Ron Gula[5] presents the vulnerability correlation with the IDS alerts and specify two methods of correlating the vulnerability with the IDS alerts. These are Persistent VA/IDS Correlation and near time VA/IDS Correlation. netForensics[6] integrates three distinct yet complimentary forms of event correlation – the first is rules based correlation which separates false positive security alarms from potentially significant security incidents by invoking "time aware" security policy rules for each event received from IDS, OS, APPS, or AVS  devices monitored by netForensics. The second is Statistical Correlation and third one is Vulnerability correlation. Robert Ball, Glenn A. Fink, Anand Rathi, Sumit Shah, and Chris North [7]  explains a tool named VISUAL (Visual Information Security Utility for Administration Live) that provides insight for networks with up to 2,500 home hosts and 10,000 external hosts, shows the relative activity of hosts, displays them in a constant relative position, and reveals the ports and protocols used.