Table of Contents

  1. Chapter 1 Getting Started

    1. A Rapidly Changing Threat Landscape

    2. Why Monitor?

    3. Challenges to Monitoring

    4. Outsourcing Your Security Monitoring

    5. Monitoring to Minimize Risk

    6. Policy-Based Monitoring

    7. Why Should This Work for You?

    8. Open Source Versus Commercial Products

    9. Introducing Blanco Wireless

  2. Chapter 2 Implement Policies for Monitoring

    1. Blacklist Monitoring

    2. Anomaly Monitoring

    3. Policy Monitoring

    4. Monitoring Against Defined Policies

    5. Types of Policies

    6. Policies for Blanco Wireless

    7. Conclusion

  3. Chapter 3 Know Your Network

    1. Network Taxonomy

    2. Network Telemetry

    3. The Blanco Wireless Network

    4. Conclusion

  4. Chapter 4 Select Targets for Monitoring

    1. Methods for Selecting Targets

    2. Practical Considerations for Selecting Targets

    3. Recommended Monitoring Targets

    4. Choosing Components Within Monitoring Targets

    5. Blanco Wireless: Selecting Targets for Monitoring

    6. Conclusion

  5. Chapter 5 Choose Event Sources

    1. Event Source Purpose

    2. Choosing Event Sources for Blanco Wireless

    3. Conclusion

  6. Chapter 6 Feed and Tune

    1. Network Intrusion Detection Systems

    2. NIDS Deployment Framework

    3. System Logging

    4. NetFlow

    5. Blanco’s Security Alert Sources

    6. Conclusion

  7. Chapter 7 Maintain Dependable Event Sources

    1. Maintain Device Configurations

    2. Monitor the Monitors

    3. Monitor Databases

    4. Automated System Monitoring

    5. System Monitoring for Blanco Wireless

    6. Conclusion

  8. Chapter 8 Conclusion: Keeping It Real

    1. What Can Go Wrong

    2. Case Studies

    3. Real Stories of the CSIRT

    4. Bare Minimum Requirements

    5. Conclusion

  1. Appendix Detailed OSU flow-tools Collector Setup

    1. Set Up the Server

    2. Configuring NetFlow Export from the Router

  2. Appendix SLA Template

    1. Service Level Agreement: Information Security and Network Engineering

  3. Appendix Calculating Availability

  4. Colophon