Loading...
- Run OpenSource IDS like a Pro

A better way to manage Suricata.

Simpler provisioning, configuration, rules & IOCs management, Threat Intel. Feeds Integration, alerts shipping, and monitoring for Suricata Open Source Intrusion Detection System Clusters

IDSTower Cluster Summary
Single GUI
Single Interface

Manage multiple Suricata clusters with 10's of hosts from a single, easy-to-use GUI.

Configure with ease
Configure with ease

Configure any Suricata option without the need to edit text files.

Get faster results
Get faster results

Stop duct taping right and left, automate your IDS operations, reduce human error and provision IDS clusters in minutes.

Exploit the real power of Open Source IDS

Thousands of companies around the world use Suricata IDS/IPS to defend their networks.

Why choose IDSTower?

Manage Suricata IDS Clusters with ease, Provision, Configure & Monitor Clusters through an intuitive, easy-to-use web interface.

Image placeholder
Provision a Cluster in minutes

a step-by-step wizard for installing Suricata across many hosts at once, with multiple repositories to install packages from, including deploying to offline machines using the built-in packages repository, or your own custom-built packages!

Image placeholder
Manage Configurations Centrally

Central management for starting, stopping and configuring Suricata & the logshipper (Filebeat) across the entire cluster, with a full history of all configuration changes, so you can revert back to them with a single click.

Image placeholder
Health monitoring

Collects key suricata metrics, hosts health metrics, loaded & failed rules and display them in one web interface.

why IDSTower

Powerful Rules Management Interface

Manage your IDS Ruleset through a centralized web Interface, with a powerful search & filtration features.

Image placeholder
Import thousands of rules

Enable a Rules feed or manually import Rules from multiple files at once, while intelligently expiring old rule revisions and enabling the new ones, saving you precious time & effort to keep your rules updated.

Image placeholder
Deploy rules updates automatically

Each Suricata host is integrated with IDSTower to periodically checks for rules updates & apply them automatically.

Image placeholder
Organize Ruleset like a pro!

Manage rule life-cycle using rule status, organize them into custom categories, add custom tags\metadata to them to add more context for analysts, all without editing a single text file.

Image placeholder
Export rules to suricata-update, OpenSense & more.

Export IDSTower-Managed rules/IOCs to external Suricata installations or other systems in text, STIX2.1 format and more.

Powerful Rules Management Interface

Intelligent Rules Parsing & Transformation

IDSTower lets you customize rule via the rule editor, and will parse and validate the rule syntax automatically, while intelligently inserting the changes you set to the final rule sent to the hosts.

Image placeholder
No Text files!

Edit all of your rules through the web GUI, change the source code, set the category and even add tags to add more context to your analyst.

Image placeholder
Tune Options without touching code

Set Rule Priority, Target and other options without editing the rule source code!, all the changes you set through the UI will be intelligently inserted into the final rule.

Image placeholder
Do the tunning once, keep it forever

When you customize a rule through rule options, IDSTower will make sure to copy those customizations to the new rule revisions.

IDSTower Rules Editor

Integrated Threat Intelligence Engine

Enable Commercial & Open Source Threat Intelligence Feeds with a single click!, now with 14 pre-integrated Rules & IOCs Feeds and generic feeds support including TAXII\STIX, MISP and more!.

Image placeholder
Ingest thousands of Indicators

IDSTower will ingest Thousands of Indicators of Compromise from enabled feeds, extract their associated metadata, assign them a score, set an expiration date & expire them when they are no longer present in the feed, all automatically!

Image placeholder
Deploy Indicators updates automatically

Each Suricata host is integrated with IDSTower to periodically checks for Indicators updates & apply them automatically.

Image placeholder
Pre-Configured Alerts

All enabled indicators will be alerted on when they are detected in the monitored network traffic without you having to write any rules.

Powerful Rules Management Interface

Excellent Pricing Plans

Standard
Free
  • Provision a Cluster in minutes
  • Manage Configurations Centrally
  • Suricata Health monitoring
  • 14 Integrated Threat Intelligence feeds
  • TAXII/STIX, MISP & generic feeds support
  • Powerful Rules & IOCs Management
  • Intelligent Rules Parsing & Transformation
  • 1 Self-Supported Host
Get Free License now
Professional
$499
Per host per year
Buy Now! Get a Free 30-day Trial
Enterprise
Lets talk
  • Includes all Professional Features
  • Role-Based Access Control (RBAC)
  • AWS Network Firewall Connector
  • Fully Managed Cloud Instances
  • Custom Features Development
  • Professional Services
  • Custom Support SLA
Lets talk Get a Free 30-day Trial

Helpful answers

Manage Suricata hosts effectively, save time and money by automating manual work.

When you buy the professional, you will get email support with it, you can contact us at any time for issues concerning IDSTower, The Enterprise license offers tailored support as per the customer needs.

We encourage you to test out IDSTower before buying it to make sure it fits your needs, that is why we offer a Free 30-day Trial (no credit card required!).

If 30 days are not enough, please contact us and we love to help you out!

Although we would love to help, in order to keep our prices down, we have decided not to include Suricata support in the prices of our Professional License, if you are interested in getting Suricata support, The Enterprise License can fulfill this, please contact us to discuss the details.

You can get a Free 30-day Trial to test IDSTower to make sure it fits your needs, and incase you need a longer testing period or require a specific feature that is missing, please contact us and we love to help you out!.

IDSTower has been tested on several linux distributions, including CentOS & Ubuntu, please refer to the system requirements section for more details.

IDSTower installation wizard offers three different installation sources, among them is the custom user packages, all what you need to is to place your custom-built suricata packages in the IDSTower machine and you will ready to go!, please refer to our documentation for more details.