Why Choose Bro? Bro is a powerful network analysis framework that is much different from the typical IDS you may know.
Bro's domain-specific scripting language enables site-specific monitoring policies.
Bro targets high-performance networks and is used operationally at a variety of large sites.
Bro is not restricted to any particular detection approach and does not rely on traditional signatures.
Bro comprehensively logs what it sees and provides a high-level archive of a network's activity.
Bro comes with analyzers for many protocols, enabling high-level semantic analysis at the application layer.
Bro keeps extensive application-layer state about the network it monitors.
Bro interfaces with other applications for real-time exchange of information.
Bro comes with a BSD license, allowing for free use with virtually no restrictions.
While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
Bro has originally been developed by Vern Paxson, who continues to
lead the project now jointly with a core team of researchers and
the International Computer
Science Institute in Berkeley, CA; and the
National Center for
Supercomputing Applications in Urbana-Champaign,
The Bro Project is a member of Software Freedom Conservancy. SFC is a non-profit organization created for the purpose of supporting and protecting Free, Libre, and Open Source Software (FLOSS) projects.