KeyFocus - KFSensor News
 

KeyFocus

 KFSensor
 About
 Overview
 Screen shots
 Features
 Enterprise edition
 Compare editions
 Download trial
 Buy KFSensor
 News
 Manual
 Knowledge Base
 Links
 Extras
 Factsheet (.pdf)
 

KFSensor News

3 July 2008
KFSensor version 4.5.0 released
New Features
Full Enterprise Mode

This version introduces major enhancements to the way in which KFSensor Enterprise operates. Together these enhancements have been named Full Enterprise Mode.

In the Full Enterprise Mode events from each sensor are inserted into a central database and copies of each sensor's event log files are additionally made on the Administration installation. This is done automatically by a background service on the Administration machine.

The Full Enterprise Mode provides these benefits:
  • Improved performance
    The Administration console has faster local access to each sensor's events.
  • Central store of events
    Making a central copy of all events from each Sensor means there is less need to make regular backup of the Sensor machines disks drives. Storing all events on a central database also makes it easier to develop custom reports of all the activity on the entire network.
  • Easier signature rule base management
    Simply update the signatures on the Administration machine and have it deployed to each sensor automatically and securely.
  • Central alerts
    Each Sensor can be configured to send alerts, for example by email. In the Full Enterprise Mode there is the option of sending the alerts from the Administration machine instead of the Sensor machine. Handling the sending of alerts from all sensors in one location makes configuration easier. It also gets around common problems, such as a Sensor located in a DMZ not having access to the internal SMTP server to send an email alert.
  • Runs in the background
    These benefits are provided by a systems service, so it works without the need for a user to be logged on.

Enabling Full Enterprise Mode requires additional but straight forward configuration that is fully described in the KFSensor Administration Guide. This is an optional feature and can be enabled or disabled at ant time. So there is no need to postpone upgrading to the new version.

Vista ports
  • Added definitions for services specific to Windows Vista
  • Web Services for Devices
  • IIS version 7 simulator
WinPcap
  • KFSensor now supports the latest WinPcap version 4.1.
Memory managements
  • Improvements to the code have resulted in a smaller memory foot print, which will aid systems performance in cases of heavy load.
2 November 2007KFSensor version 4.4.0 released
11 December 2006KFSensor version 4.3.0 released
16 June 2006KFSensor version 4.2.0 released
8 May 2006KFSensor version 4.1.0 released
4 January 2006KFSensor version 4.0.1 released
25 July 2005KFSensor version 3.0.4 released
2 April 2004Windows & .NET Magazine - Lab Report
22 March 2004KFSensor version 2.1.4 released
31 Oct 2003KeyFocus announces the world's first Windows networking emulation honeypot
31 Oct 2003KFSensor version 2.0 Release Notes
20 Oct 2003Information Security Magazine review
11 Jul 2003KeyFocus launches version 1.4 of KFSensor, its honeypot based intrusion detection system.
7 Jul 2003KFSensor, version 1.4.0 released
4 Jun 2003KFSensor, version 1.3.0 released
13 May 2003KFSensor, version 1.2.0 released
19 Mar 2003KFSensor, version 1.0.4 released
28 Feb 2003KFSensor, version 1.0.3 released
13 Feb 2003KFSensor, version 1.0.2 released
26 Jan 2003SQL Slammer Worm
24 Jan 2003KeyFocus Release Intrusion Detection System