What webservers can be used with
- What webservers can be used with
- What software must be installed?
- Can IDSWatch™ be used on a
system separate from the IDS system?
- How much load does IDSWatch™ put on my
- What security is available to limit access
to IDSWatch™ ?
- Is it possible to mask displayed IP
- Is IDSWatch™ compatible with IPV6?
- What are the license terms?
- Is support available?
my support contract lapses, can I get an upgraded version of IDSWatch™?
- I need to run IDSWatch™ on multiple
IDS systems. Is a multiple system discount available?
- Can I monitor multiple IDS systems
- Can I move IDSWatch™ to a different
- What systems can run IDSWatch™?
- Where is the configuration file
- Where is the configuration file
Any web server that supports cgi scripts may be used with
IDSWatch™. We recommend mongoose, but apache is also supported.
What software must be installed?
IDSWatch™ requires Tcl8.5 to be installed on the system. All
other required software is contained in the installation.
Can IDSWatch™ be used on a system
separate from the IDS system?
Yes, IDSWatch™ can communicate with the IDS database over a
network. Performance may be affected somewhat, however, depending
network latency. In addition, the database traffic will be included in
scans if the traffic traverses a monitored network segment. For
best performance, we recommend IDSWatch™
installed on the IDS system.
How much load does IDSWatch™ put on my IDS
A typical IDSWatch™ page takes a fraction of a second of cpu time to
build. If the summary page is updated once a minute, average cpu
load will increase approximately 1% when IDSWatch™ is used.
Results will vary based on the capability of your installed hardware
and the particular webserver employed.
What security is available to limit access
IDSWatch™ relies on your web server's access
control mechanism to limit access to authorized users.
Is it possible to mask displayed IP
Yes. In the configuration file, add the directive
then add one or more maskip directives
maskip: 10.24 192.168
This directive will display all IP addresses starting with 10.24 as
starting with 192.168. This only affects the output
display. It will be effective on the next screen refresh.
Is IDSWatch™ compatible with IPV6?
Currently IP address display is limited to IPV4 addresses. IPV6
support is currently in process.
What are the license terms?
IDSWatch™ is licensed to run on a single system. There is no
limitation on the number of users that may access it. The IDSWatch™
program employs a license key to determine valid execution times. The standard
period is 1 year; customers may purchase longer terms.
Is support available?
Initial IDSWatch™ customers receive one year of support which includes
email and installation support, problem resolution and upgrades.
After the first year, support continues as long as a current software
license is maintained.
If my license lapses, can I get an
upgraded version of IDSWatch™?
Upgrades are only available to customers with current licenses.
If your license lapses you must purchase an initial
What is the release schedule?
We currently have a 6 month release schedule.
I need to run IDSWatch™ on multiple IDS
systems. Is a multiple system discount available?
Yes, multiple system discounts are available. Contact us for
Can I monitor multiple IDS systems with
If multiple IDS systems feed their alert information into a single
database, IDSWatch™ may be used to track alerts. If multiple databases
use, multiple instances of IDSWatch™ must be used.
Can I move IDSWatch™ to a different host?
Yes, as long as the host is within your domain.
What systems can run IDSWatch™?
Currently most 32 and 64 bit Intel Linux and Solaris systems are
supported. Contact us for ports to other architectures.
Where is the configuration file
All configuration items are documented in the sample configuration file
included with the product.
Where is the configuration file located?
The configuration file path is located in /usr/local/etc/idswatch.conf