Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks

by Chris Fry and Martin Nystrom

0 ratings • 0 reviews • 0 shelved
Book cover for Security Monitoring

Bookhype may earn a small commission from qualifying purchases. Full disclosure.

How well does your enterprise stand up against today's sophisticated security threats? With this book, security experts from Cisco Systems demonstrate how you can detect damaging security incidents on your global network - first by discovering which assets you need to monitor closely, then by helping you develop targeted strategies and pragmatic techniques to identify security incidents. "Security Monitoring" offers six steps to improve network monitoring, based on the authors' years of experience conducting incident response to keep Cisco's global network secure. These steps will guide you through the following: Develop Policies: define the rules, regulations, and criteria against which to monitor; Know Your Network: build knowledge of your infrastructure with network telemetry; Select Your Targets: define the subset of infrastructure where you'll focus monitoring; Choose Event Sources: identify the event types needed to discover policy violations; Feed and Tune: collect data and generate alerts, tuning systems using context; and, Maintain Dependable Event Sources: prevent critical gaps in your event collection and monitoring.
To help you understand this framework, "Security Monitoring" illustrates its recommendations using a fictional mobile telephony provider. Each chapter's approach and techniques are overlaid against this fictional example with diagrams and detailed examples. These recommendations will help you select and deploy the best techniques for monitoring your own enterprise network.
  • ISBN10 0596551002
  • ISBN13 9780596551001
  • Publish Date 9 February 2009 (first published 1 January 2009)
  • Publish Status Active
  • Imprint O'Reilly Media
  • Format eBook
  • Pages 256
  • Language English