Blanco Wireless: Selecting Targets for Monitoring
Like most wireless phone carriers, Blanco collects Social Security numbers from customers when setting up their accounts, illustrated in Figure 4-8. Blanco uses this information to request and report credit information from one of the large credit reporting services. As described in Chapter 2, Blanco has formed policies designed to protect such information and comply with government regulation.

Figure 4-8. Blanco’s account entry form
Blanco’s account management system, shown in Figure 4-9, is composed of a common, three-tier architecture:
Apache web servers running on three load-balanced Red Hat Enterprise Linux (RHEL) servers
An IBM WebSphere Application Server running on a VMware ESX server farm
An Oracle database (11g), clustered and distributed across two RHEL servers
An OpenLDAP server running on one RHEL server
Data center gateways (two Cisco IOS 7200 routers)
A NIDS (one Sourcefire Snort server)

Figure 4-9. Blanco Wireless account management system
Although not pictured in Figure 4-9, load-balancing intelligence is built into the network, reducing the need for separate, specialized equipment.
Components to Monitor
In Chapter 5, we’ll discuss the best event feeds to use for monitoring our target system. Our task for now, however, is to identify ...