How well does your enterprise stand up against today's sophisticated security threats?
With this book, security experts from Cisco Systems demonstrate how you can detect damaging security incidents on your global network - first by discovering which assets you need to monitor closely, then by helping you develop targeted strategies and pragmatic techniques to identify security incidents. "Security Monitoring" offers six steps to improve network monitoring, based on the authors' years of experience conducting incident response to keep Cisco's global network secure.
These steps will guide you through the following: Develop Policies: define the rules, regulations, and criteria against which to monitor; Know Your Network: build knowledge of your infrastructure with network telemetry; Select Your Targets: define the subset of infrastructure where you'll focus monitoring; Choose Event Sources: identify the event types needed to discover policy violations; Feed and Tune: collect data and generate alerts, tuning systems using context; and, Maintain Dependable Event Sources: prevent critical gaps in your event collection and monitoring. To help you understand this framework, "Security Monitoring" illustrates its recommendations using a fictional mobile telephony provider.
Each chapter's approach and techniques are overlaid against this fictional example with diagrams and detailed examples.
These recommendations will help you select and deploy the best techniques for monitoring your own enterprise network.
- Format: Paperback / softback
- Pages: 227 pages
- Publisher: O'Reilly Media, Inc, USA
- Publication Date: 27/02/2009
- Category: Computer security
- ISBN: 9780596518165
- EPUB from £23.03
- PDF from £24.48