Chapter 23. Security Monitoring and Correlation
Monitoring and correlating events across the security infrastructure of a modern-day network is becoming a challenge because each network component generates its own set of logs, events, alerts, and notification messages, creating a massive collection of event logs for analysis and investigation.
Cisco Security Monitoring, Analysis, and Response System (CS-MARS) is a comprehensive appliance-based solution providing security information and event management. CS-MARS offers network intelligence to identify and correlate events, pinpoint attack paths, and provide comprehensive security threat control and mitigation.
This chapter provides details of the appliance-based security information ...