Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks - Couverture souple

Fry, Chris; Nystrom, Martin

 
9780596518165: Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Couverture souple
ISBN 10 : 0596518161 ISBN 13 : 9780596518165
Editeur : O'Reilly Media, 2009

Synopsis

How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:

  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.

Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.

À propos des auteurs

Chris Fry has been a member of the Computer Security Incident Response Team (CSIRT) at Cisco Systems, Inc for 5 years, focusing on deployment of intrusion detection, network monitoring tools, and incident investigation. He began his career at Cisco in 1997 as an IT analyst, supporting Cisco's production services. His four years as a Network Engineer in Cisco IT's internal network support organization give him valuable knowledge about and unique insight into monitoring production enterprise networks. Chris holds a BA in Corporate Financial Analysis and an MS in Information and Communication Sciences from Ball State University.

Martin Nystrom is an InfoSec Investigations Manager for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives. Prior to joining Cisco's CSIRT, he was responsible for designing and consulting on secure architectures for IT projects. Martin worked as an IT architect and a Java programmer for 12 years prior, where he built his experience in the pharmaceutical and computer industries. He received a bachelor's degree from Iowa State University in 1990, a master's degree from NC State University in 2003, and his CISSP certification in 2004.

Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.

Éditeur
O'Reilly Media
Date d'édition
2009
Langue
anglais
ISBN 10 
0596518161
ISBN 13 
9780596518165
Reliure
Broché
Numéro d'édition
1
Nombre de pages
246
Coordonnées du fabricant
non disponible
Personne responsable
non disponible