How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.
Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:
* Develop Policies: define rules, regulations, and monitoring criteria
* Know Your Network: build knowledge of your infrastructure with network telemetry
* Select Your Targets: define the subset of infrastructure to be monitored
* Choose Event Sources: identify event types needed to discover policy violations
* Feed and Tune: collect data, generate alerts, and tune systems using contextual information
* Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
How does your system stand up against today's sophisticated security threats, especially those involving data theft? With this book, security experts from Cisco Systems demonstrate how you can protect your network effectively - first by determining which assets you need to monitor closely, and then developing targeted strategies and user policies to protect those vital areas. Security Monitoring offers six steps to improve network monitoring, based on the authors' presentation at the Forum for Incident Response and Security Teams (FIRST) conference in 2007. By following these security steps, you will: Develop Policies: define the rules, regulations, criteria for monitoring your network Know Your Network: build knowledge of your infrastructure with network telemetry Select Your Targets: determine the subset of infrastructure to focus monitoring efforts Choose Event Sources: identify what can and should be collected from each type Feed and Tune: begin collecting data, and tune systems using contextual information Maintain and Troubleshoot: keep your security monitoring event sources online To help you understand this approach, each chapter in Security Monitoring shows how a fictional cellular phone service implements the frameworks and methods presented, with diagrams and explanations of how the company performs security monitoring. If you implement just a few of the recommendations in this book, you'll improve your monitoring and incident response capabilities significantly. If you implement all of the recommendations, you'll have a world-class security monitoring capability.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:
* Develop Policies: define rules, regulations, and monitoring criteria
* Know Your Network: build knowledge of your infrastructure with network telemetry
* Select Your Targets: define the subset of infrastructure to be monitored
* Choose Event Sources: identify event types needed to discover policy violations
* Feed and Tune: collect data, generate alerts, and tune systems using contextual information
* Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
How does your system stand up against today's sophisticated security threats, especially those involving data theft? With this book, security experts from Cisco Systems demonstrate how you can protect your network effectively - first by determining which assets you need to monitor closely, and then developing targeted strategies and user policies to protect those vital areas. Security Monitoring offers six steps to improve network monitoring, based on the authors' presentation at the Forum for Incident Response and Security Teams (FIRST) conference in 2007. By following these security steps, you will: Develop Policies: define the rules, regulations, criteria for monitoring your network Know Your Network: build knowledge of your infrastructure with network telemetry Select Your Targets: determine the subset of infrastructure to focus monitoring efforts Choose Event Sources: identify what can and should be collected from each type Feed and Tune: begin collecting data, and tune systems using contextual information Maintain and Troubleshoot: keep your security monitoring event sources online To help you understand this approach, each chapter in Security Monitoring shows how a fictional cellular phone service implements the frameworks and methods presented, with diagrams and explanations of how the company performs security monitoring. If you implement just a few of the recommendations in this book, you'll improve your monitoring and incident response capabilities significantly. If you implement all of the recommendations, you'll have a world-class security monitoring capability.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.