Security Monitoring

Overview

How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network—first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's ...

See more details below
Paperback
$38.81
BN.com price
(Save 13%)$44.99 List Price
Other sellers (Paperback)
  • All (12) from $5.60   
  • New (7) from $26.20   
  • Used (5) from $5.60   
Security Monitoring

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$19.99
BN.com price
(Save 44%)$35.99 List Price

Overview

How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network—first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:

  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.

Read More Show Less

Product Details

  • ISBN-13: 9780596518165
  • Publisher: O'Reilly Media, Incorporated
  • Publication date: 2/1/2009
  • Edition number: 1
  • Pages: 240
  • Product dimensions: 7.00 (w) x 9.10 (h) x 0.60 (d)

Meet the Author

Chris Fry has been a member of the Computer Security Incident Response Team (CSIRT) at Cisco Systems, Inc for 5 years, focusing on deployment of intrusion detection, network monitoring tools, and incident investigation. He began his career at Cisco in 1997 as an IT analyst, supporting Cisco's production services. His four years as a Network Engineer in Cisco IT's internal network support organization give him valuable knowledge about and unique insight into monitoring production enterprise networks. Chris holds a BA in Corporate Financial Analysis and an MS in Information and Communication Sciences from Ball State University.

Martin Nystrom is an InfoSec Investigations Manager for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives. Prior to joining Cisco's CSIRT, he was responsible for designing and consulting on secure architectures for IT projects. Martin worked as an IT architect and a Java programmer for 12 years prior, where he built his experience in the pharmaceutical and computer industries. He received a bachelor's degree from Iowa State University in 1990, a master's degree from NC State University in 2003, and his CISSP certification in 2004.

Read More Show Less

Table of Contents

Preface;
What This Book Is Not;
What This Book Is;
Conventions Used in This Book;
Using Code Examples;
Safari® Books Online;
Comments and Questions;
Acknowledgments;
Chapter 1: Getting Started;
1.1 A Rapidly Changing Threat Landscape;
1.2 Why Monitor?;
1.3 Challenges to Monitoring;
1.4 Outsourcing Your Security Monitoring;
1.5 Monitoring to Minimize Risk;
1.6 Policy-Based Monitoring;
1.7 Why Should This Work for You?;
1.8 Open Source Versus Commercial Products;
1.9 Introducing Blanco Wireless;
Chapter 2: Implement Policies for Monitoring;
2.1 Blacklist Monitoring;
2.2 Anomaly Monitoring;
2.3 Policy Monitoring;
2.4 Monitoring Against Defined Policies;
2.5 Types of Policies;
2.6 Policies for Blanco Wireless;
2.7 Conclusion;
Chapter 3: Know Your Network;
3.1 Network Taxonomy;
3.2 Network Telemetry;
3.3 The Blanco Wireless Network;
3.4 Conclusion;
Chapter 4: Select Targets for Monitoring;
4.1 Methods for Selecting Targets;
4.2 Practical Considerations for Selecting Targets;
4.3 Recommended Monitoring Targets;
4.4 Choosing Components Within Monitoring Targets;
4.5 Blanco Wireless: Selecting Targets for Monitoring;
4.6 Conclusion;
Chapter 5: Choose Event Sources;
5.1 Event Source Purpose;
5.2 Choosing Event Sources for Blanco Wireless;
5.3 Conclusion;
Chapter 6: Feed and Tune;
6.1 Network Intrusion Detection Systems;
6.2 NIDS Deployment Framework;
6.3 System Logging;
6.4 NetFlow;
6.5 Blanco’s Security Alert Sources;
6.6 Conclusion;
Chapter 7: Maintain Dependable Event Sources;
7.1 Maintain Device Configurations;
7.2 Monitor the Monitors;
7.3 Monitor Databases;
7.4 Automated System Monitoring;
7.5 System Monitoring for Blanco Wireless;
7.6 Conclusion;
Chapter 8: Conclusion: Keeping It Real;
8.1 What Can Go Wrong;
8.2 Case Studies;
8.3 Real Stories of the CSIRT;
8.4 Bare Minimum Requirements;
8.5 Conclusion;
Detailed OSU flow-tools Collector Setup;
Set Up the Server;
Configuring NetFlow Export from the Router;
SLA Template;
Service Level Agreement: Information Security and Network Engineering;
Calculating Availability;
Colophon;

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)