With each release of SnortCenter, additional components are added to or removed from the web interface layout. The most recent version of SnortCenter as of this writing requires an initial login. After successfully logging in, the default SnortCenter home page displays all configured sensors and their current state of operations. This information helps to immediately determine if Snort is running and fully functional on all the configured sensors.
In most cases—as with the example shown in Figure 11-2—SnortCenter displays only a single sensor, because the sensor agent is running on the same system as the management console. This is the recommended architecture for launching a new intrusion detection system and is a common configuration for small networks. It is also a useful configuration for learning how to use Snort. As you become more familiar with Snort, you will probably install additional sensors throughout your network.
Figure 11-2. The initial SnortCenter login displaying all configured sensors
Some browsers display the SnortCenter web interface better than others. I find Mozilla works the best. The KDE Konqueror web browser appears to have some display issues. Microsoft IE does not display all drop-down menus correctly. Various browsers render the SnortCenter content differently. Find one that works best for you.
The trickiest part of ...