Chapter 23. Security Monitoring and Correlation

The monitoring and correlation of network security infrastructure in the modern day network is becoming a challenge because each network component generates its own set of logs, events, alerts, and various notification messages, thereby creating a massive collection of event logs for analysis and investigation.

Cisco Security Monitoring, Analysis, and Response System (CS-MARS) is a comprehensive appliance-based solution providing security information and event management. CS-MARS offers network intelligence to identify and correlate events, pinpoint attack paths, and provide comprehensive security threat control and mitigation.

This chapter provides details of the appliance-based security information ...

Get CCIE Professional Development Series Network Security Technologies and Solutions now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.