Security Monitoring

by Chris Fry, Martin Nystrom
February 2009
Content level: Intermediate to advanced
256 pages
7h 43m
English
O'Reilly Media, Inc.

The Blanco Wireless Network

Blanco’s security team has worked with its IT staff to better understand their company’s network using IPAM data, NetFlow, and general routing information.

IP Address Assignment

Blanco has a simple address space, documented with the open source IPplan software. The subnets we will use in our examples for this and subsequent chapters are shown in Figure 3-12 and appear highlighted in the following code snippet:

10.10.0.0/16            Redwood City Campus
|-- 10.10.0.0/19        Data Centers
|-- 10.10.32.0/19       Site 1 Desktop Networks
|  |-- 10.10.32.0/24    Building 1 1st floor
|  |-- 10.10.33.0/25    Building 1 2nd floor
|  |-- 10.10.33.128/25  Building 2

10.10.0.0/19            Data Centers
|-- 10.10.0.0/20        Building 3 Data Center
|  |-- 10.10.0.0/25     Windows Server Subnet
|  |-- 10.10.0.128/25   Oracle 10g Subnet
|  |-- 10.10.1.0/26     ESX VMWare Farm
|  |-- 10.10.1.64/26    Web Application Servers

Figure 3-12. Blanco Wireless subnet data in IPplan software

NetFlow Collection

In keeping with best practices, Blanco collects NetFlow from its Cisco routers in both the DMZ backbone and the data center gateways. Blanco uses the OSU flow-tools package to collect and analyze NetFlow for monitoring and incident response.
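
As an added illustration (not code from the book), the following Python sketch loads the subnets from the IPplan listing above and labels the endpoints of flow records with the most specific matching subnet, which is how IPAM data gives context to NetFlow during monitoring. The flow tuples are constructed sample data, and the function names `label`, `annotate` and `flows_between` are assumptions of this example.

```python
import ipaddress

# Prefixes and names copied from the IPplan listing on this page.
IPPLAN = {
    "10.10.0.0/16": "Redwood City Campus",
    "10.10.0.0/19": "Data Centers",
    "10.10.32.0/19": "Site 1 Desktop Networks",
    "10.10.32.0/24": "Building 1 1st floor",
    "10.10.33.0/25": "Building 1 2nd floor",
    "10.10.33.128/25": "Building 2",
    "10.10.0.0/20": "Building 3 Data Center",
    "10.10.0.0/25": "Windows Server Subnet",
    "10.10.0.128/25": "Oracle 10g Subnet",
    "10.10.1.0/26": "ESX VMWare Farm",
    "10.10.1.64/26": "Web Application Servers",
}
# Most specific prefixes first, so the first hit is the longest match.
NETS = sorted(((ipaddress.ip_network(p), n) for p, n in IPPLAN.items()),
              key=lambda item: item[0].prefixlen, reverse=True)

def label(addr):
    """Name of the most specific documented subnet containing addr."""
    ip = ipaddress.ip_address(addr)
    for net, name in NETS:
        if ip in net:
            return name
    return "EXTERNAL"  # outside the documented address space

def annotate(flows):
    """Replace the addresses in (src, dst, dst_port) tuples with names."""
    return [(label(src), label(dst), port) for src, dst, port in flows]

def flows_between(flows, src_prefix, dst_prefix):
    """Select flows whose source and destination fall in the two prefixes."""
    src_net = ipaddress.ip_network(src_prefix)
    dst_net = ipaddress.ip_network(dst_prefix)
    return [f for f in flows
            if ipaddress.ip_address(f[0]) in src_net
            and ipaddress.ip_address(f[1]) in dst_net]

# Constructed sample flows (src, dst, dst_port); not data from the book.
SAMPLE_FLOWS = [
    ("10.10.32.17", "10.10.1.70", 443),
    ("10.10.33.200", "10.10.0.130", 1521),
    ("198.51.100.9", "10.10.0.5", 445),
    ("10.10.40.3", "10.10.1.10", 902),  # in the /19, but no leaf subnet
]

if __name__ == "__main__":
    for row in annotate(SAMPLE_FLOWS):
        print(row)
```

An address such as 10.10.40.3 falls back to its parent block because no leaf subnet is documented for it, which is itself worth reviewing against the IPAM records.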

Routing Information

Blanco has a class C network allocated, which is used for customer-facing web services. This network exists in Blanco’s single DMZ network with two Internet connections provisioned from ...

ISBN: 9780596157944