This release has many bugfixes, new executive panel plugins (including a nifty geographic positioning one), improved snort logging support, hierarchical metrics, and vulnerability scanning enhancements.
VMOSSIM is a fully working OSSIM environment
packaged into a VMWare image. It's got most of the
plugins enabled and is intended for uncomplicated
and fast deployment, as well as for demonstration
and testing purposes. It incudes a set of image
management scripts not included with the main
OSSIM distribution, which alleviates access to
OSSIM by not-so-skilled users.
This version fixes numerous bugs and performance
issues. A new agent codebase has been included for
easy plugin generation as well as a fully
customizable event viewer for plugin
visualization. Many improvements have been added
as well in terms of vulnerability scan
integration, incident handling and reporting, and
scalability. A hierarchical server architecture
allows for a distributed SIM architecture suitable
for very large deployments.
This last release candidate before 0.9.9 fixes numerous bugs and increases performance at the server level. The metrics panel has undergone a major rewrite and should run much better now.
This release fixes some serious server issues,
including a couple of
possible crashes and some correlation engine
issues. At the framework
level, the executive panel has been improved, and
extra security has
been added to rrd data visualization.