On Tuesday, Snort 3 was officially launched and users were recommended to migrate from any previous iteration of the common intrusion prevention and intrusion detection (IPS/IDS) framework to Snort 3.
Snort is a Cisco-developed open-source platform that offers capabilities for real-time traffic analysis and packet logging. It has been downloaded millions of times and has over 600,000 registered users, with Cisco saying it is the world’s most commonly used IPS.
In December 2014, the alpha version of Snort 3 was released and now it has finally become publicly available.
The new update, developers note, brings quicker and more effective guidelines, runs on various operating systems and environments, and provides more power to users.
Improved cross-platform compatibility, a shared configuration and attribute table, support for multi-packet processing threads, scriptable configuration, pluggable main components, auto-detect portless configuration facilities, auto-generate reference documentation, and support for rules with sticky buffers are all included in the list of significant enhancements.
This new version of Snort is the culmination of our team’s growth and hard work for more than seven years. It is time for Snort to mature after many years of success by combining lessons we have learned over the many years of the life of the app and making it even more effective,” Snort developers wrote in a blog post.