Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks (O'Reilly Ser.) - Softcover
Inhaltsangabe
How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.
Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:
- Develop Policies: define rules, regulations, and monitoring criteria
- Know Your Network: build knowledge of your infrastructure with network telemetry
- Select Your Targets: define the subset of infrastructure to be monitored
- Choose Event Sources: identify event types needed to discover policy violations
- Feed and Tune: collect data, generate alerts, and tune systems using contextual information
- Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Über die Autorin bzw. den Autor
Chris Fry has been a member of the Computer Security Incident Response Team (CSIRT) at Cisco Systems, Inc for 5 years, focusing on deployment of intrusion detection, network monitoring tools, and incident investigation. He began his career at Cisco in 1997 as an IT analyst, supporting Cisco's production services. His four years as a Network Engineer in Cisco IT's internal network support organization give him valuable knowledge about and unique insight into monitoring production enterprise networks. Chris holds a BA in Corporate Financial Analysis and an MS in Information and Communication Sciences from Ball State University.
Martin Nystrom is an InfoSec Investigations Manager for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives. Prior to joining Cisco's CSIRT, he was responsible for designing and consulting on secure architectures for IT projects. Martin worked as an IT architect and a Java programmer for 12 years prior, where he built his experience in the pharmaceutical and computer industries. He received a bachelor's degree from Iowa State University in 1990, a master's degree from NC State University in 2003, and his CISSP certification in 2004.
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Suchergebnisse für Security Monitoring: Proven Methods for Incident Detection...
Beispielbild für diese ISBN
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Anbieter: World of Books (was SecondSale), Montgomery, IL, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: Good. Item in very good condition! Textbooks may not include supplemental items i.e. CDs, access codes etc. Artikel-Nr. 00072720651
Gebraucht kaufen
EUR 4,92
Versand gratis
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Security Monitoring
Anbieter: Kennys Bookstore, Olney, MD, USA
Verkäuferbewertung 5 von 5 Sternen
Zustand: New. Offers six steps to improve the way you monitor vital assets, based on the authors' years of experience conducting incident response to keep Cisco's global network secure. This book demonstrates how you can detect damaging security incidents on your global network. Num Pages: 227 pages, black & white tables, figures. BIC Classification: UR. Category: (P) Professional & Vocational. Dimension: 233 x 179 x 13. Weight in Grams: 348. . 2009. 1st Edition. Paperback. . . . . Books ship from the US and Ireland. Artikel-Nr. V9780596518165
Neu kaufen
EUR 61,86
EUR 8,91 Versand
Versand innerhalb von USA
Versand innerhalb von USA
Anzahl: 1 verfügbar
Beispielbild für diese ISBN
Security Monitoring
Anbieter: Revaluation Books, Exeter, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Paperback. Zustand: Brand New. 1st edition. 227 pages. 9.10x7.00x0.70 inches. In Stock. Artikel-Nr. x-0596518161
Neu kaufen
EUR 60,68
EUR 11,55 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: 2 verfügbar
Foto des Verkäufers
Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks
Verlag:
O\'Reilly Media, 2009
ISBN 10: 0596518161
ISBN 13: 9780596518165
Neu
Kartoniert / Broschiert
Anbieter: moluna, Greven, Deutschland
Verkäuferbewertung 4 von 5 Sternen
Kartoniert / Broschiert. Zustand: New. Offers six steps to improve the way you monitor vital assets, based on the authors years of experience conducting incident response to keep Cisco s global network secure. This book demonstrates how you can detect damaging security incidents on your global . Artikel-Nr. 594845483
Neu kaufen
EUR 51,69
EUR 48,99 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: Mehr als 20 verfügbar
Foto des Verkäufers
Security Monitoring : Proven Methods for Incident Detection on Enterprise Networks
Anbieter: AHA-BUCH GmbH, Einbeck, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Neuware - How does your system stand up against today's sophisticated security threats, especially those involving data theft With this book, security experts from Cisco Systems demonstrate how you can protect your network effectively - first by determining which assets you need to monitor closely, and then developing targeted strategies and user policies to protect those vital areas.Security Monitoring offers six steps to improve network monitoring, based on the authors' presentation at the Forum for Incident Response and Security Teams (FIRST) conference in 2007. By following these security steps, you will:Develop Policies: define the rules, regulations, criteria for monitoring your networkKnow Your Network: build knowledge of your infrastructure with network telemetrySelect Your Targets: determine the subset of infrastructure to focus monitoring effortsChoose Event Sources: identify what can and should be collected from each typeFeed and Tune: begin collecting data, and tune systems using contextual informationMaintain and Troubleshoot: keep your security monitoring event sources onlineTo help you understand this approach, each chapter in Security Monitoring shows how a fictional cellular phone service implements the frameworks and methods presented, with diagrams and explanations of how the company performs security monitoring.If you implement just a few of the recommendations in this book, you'll improve your monitoring and incident response capabilities significantly. If you implement all of the recommendations, you'll have a world-class security monitoring capability. Artikel-Nr. 9780596518165
Neu kaufen
EUR 67,80
EUR 61,70 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 2 verfügbar