Security Monitoring
Proven Methods for Incident Detection on Enterprise Networks
Publisher: O'Reilly Media
Final Release Date: February 2009
Pages: 256

How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:

  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.

Table of Contents
Product Details
About the Author
Colophon
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillySecurity Monitoring
 
4.0

(based on 1 review)

Ratings Distribution

  • 5 Stars

     

    (0)

  • 4 Stars

     

    (1)

  • 3 Stars

     

    (0)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

Reviewed by 1 customer

Displaying review 1

Back to top

(2 of 2 customers found this review helpful)

 
4.0

Very Good book on the security process

By jdruin

from Undisclosed

Comments about oreilly Security Monitoring:

In my opinion one of the best parts of this book was the methodology presented on creating well defined security and access policies that were written and agreed upon by the business. The author did a nice job of using realistic business cases to demonstrate how to craft policies and the steps needed to build the policies. Also, compromises were mentioned such as that the business will not always accept the strongest security posture so it may be necessary to reach an acceptable medium and get the business owners signoff that they accept the risk.

The author goes into detail about how to select the likely weak points in the network so they can be targeted for analysis.

Additionally the author covers various tools, methods, and best practices to monitor those weak links once they have been properly identified and once policies about what to monitor have been decided upon.

The latter parts of the book cover how to decipher and report on the data collected during the monitoring plus how to protect the monitoring tools and equipment itself.

One criticism I have would be that a fair amount of network engineering knowledge is needed in order to understand the examples and terminology. To that end the author will naturally be preaching to the choir in many cases as networking gurus that can get the full benefit of the book probably already have an appreciation for network security. That being said, networking professionals will get a better understanding of the process required to secure a network. Since the process is often what is missing from network security; this is where the books benefits will shine.

The author does occasionally use acronyms without explaining what they mean. I would have liked to have always seen the initial use of an acronym spelled out then referred to by acronym from that point forward. If an acronym is to be used in a different chapter, I would like to see the acronym spelled out again to avoid having to flip back for review.

Displaying review 1

Back to top

 
Buy 2 Get 1 Free Free Shipping Guarantee
Buying Options
Immediate Access - Go Digital what's this?
Ebook: $35.99
Formats:  DAISY, ePub, Mobi, PDF
Print & Ebook: $49.49
Print: $44.99