SNARE Enterprise vs Open Source

SNARE Event Logging Agents are available in two versions, the free SNARE Open Source version (GNU/GPL licensing) and the SNARE Enterprise Agent.

However SNARE Enterprise Agents offer a number of enhanced capabilities over SNARE Open Source that improve reliability (caching, TCP confirmed delivery, multicasting to multiple destinations, agent heartbeat,), security (TLS-based encryption) and ease of agent deployment (MSI, Group Policy, Dynamic DNS). And with the advent of new PCI 3.0 regulations that took place in January 2015, SNARE Open Source Agents are no longer considered to be PCI Compliant, and do not include software support and enhancements.

The SNARE Enterprise Agent works with all 3rd Party SIEMs (ArcSight, QRadar, Envision, McAfee, Splunk and syslog) and MSSPs, and supports event log capture from Operating Systems (Windows to 2012, Windows 8, Linux, Solaris, Unix, OSX), IIS, DNS, DHCP, Exchange, and SMTP Servers, Active Directory/Domain Controllers and Custom Windows Events. If you’re already a SNARE Open Source user, you can easily upgrade to SNARE Enterprise Agents, while retaining previously set configurations. Below is a comparison chart detailing the differences in capability between SNARE Enterprise Agents and SNARE Open Source Agent.