Dear Network and Security Monitoring people :
We are pleased to announce that Trisul 2.4 is immediately available for download.
Please visit the download page to get the latest packages.
We have packages available for :
- CentOS 6.2 - 64 bits (recommended)
- CentOS 5.8 - 64 bits
- Ubuntu 10.04 64 bits
- Ubuntu 10.04 32 bits
Trisul 2.4 introduces an API called Trisul Remote Protocol. You can write scripts in a language of your choice (Ruby, Python) and perform complex analysis tasks. Apart from other new features listed below - a major performance improvement is dramatically lesser CPU usage of Trisul.
Trisul Remote Protocol
Secure remote scripting of tasks. Write simple scripts in Ruby to perform complex multi stage tasks. For example pull up a list of all flows to China or get raw packets for all priority 1 alerts. We have released several sample scripts to get you started. See here for more
Alerts can now be sent to syslog
You can send all types of alerts - threshold crossing, flow tracker, badfellas (blacklist) and IDS alerts to a syslog collector.
New subscriber reports
If you are a service provider, you can use a new Subscriber Report that will breakout all activity of a user in a summary view and a detailed (deep) view. You can set bandwidth limits and flag excess usage.
Major reduction in CPU usage
The earlier versions of Trisul would demonstrate a high CPU usage especially in lightly loaded networks. We have fixed internal locking strategies to dramatically reduce the CPU usage. We have also tightened memory usage significantly.
Enhancements & Fixes
- Fix error with Phishtank blacklisting
- Can now specify fixed high numbered TCP/UDP ports as server ports
- Slew of improvements to packet based drilldown
- Better performance of flow based drilldowns
- Websockets now compatible with latest versions of Firefox/Chrome
- Better packaging - allow independent installs of trisul and plugins
- Over 80 other fixes
All users of Trisul are encouraged to update their installations. Instruction for upgrade are at http://trisul.org/docs/install/migration.html
All data will be retained after the update.
Thanks for your wonderful support for Trisul.