
Security Monitoring

by Chris Fry, Martin Nystrom
February 2009
Intermediate to advanced content level
256 pages
7h 43m
English
O'Reilly Media, Inc.
Content preview from Security Monitoring

Bare Minimum Requirements

When my first child was born, our annual Christmas trek to Iowa required me to stuff our 1989 Ford Taurus with every item of clothing, toy, and article of portable baby furniture we owned. Three children later, we’ve discovered how little we truly need for a week at Grandma’s. Likewise, you can often succeed with far less than your ideals, especially when you reduce your scope. In the spirit of efficiency, here are a few essentials to apply for success in targeted monitoring.

Policy

You can’t escape policy—it’s your security monitoring anchor. Still, it’s hard to know where to begin. Here are the essential policies for most organizations, against which you can conduct productive security monitoring.

Policy 1: Allowed network activity

Be clear what network access is allowed and what isn’t. This is especially true of the most sensitive and critical network segments. When analysts detect activity toward the Internet from data centers, they need clear, documented policies regarding what network activity is allowed so that they can conduct fruitful investigations.
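One way to make Policy 1 checkable, as an added example that is not from the book: the documented allowances are written down as data and flow records from data center sources are classified against them. The address ranges, exceptions and flow records are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

Flow = namedtuple("Flow", "src dst proto dport")

# Constructed policy data (assumptions): segment ranges and documented exceptions.
DATA_CENTER = [ipaddress.ip_network("10.20.0.0/16")]
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOWED_OUTBOUND = [  # (source net, destination net, proto, port, documented reason)
    ("10.20.5.0/24", "198.51.100.10/32", "tcp", 443, "patch mirror"),
    ("10.20.0.0/16", "203.0.113.53/32", "udp", 53, "external DNS resolver"),
]

def _in_any(addr, nets):
    return any(addr in n for n in nets)

def classify(flow):
    """Return 'out_of_scope', 'internal', 'allowed:<reason>' or 'violation'."""
    src = ipaddress.ip_address(flow.src)
    dst = ipaddress.ip_address(flow.dst)
    if not _in_any(src, DATA_CENTER):
        return "out_of_scope"      # targeted monitoring: data center sources only
    if _in_any(dst, INTERNAL):
        return "internal"          # not Internet-bound
    for s_net, d_net, proto, port, reason in ALLOWED_OUTBOUND:
        if (src in ipaddress.ip_network(s_net) and dst in ipaddress.ip_network(d_net)
                and flow.proto == proto and flow.dport == port):
            return f"allowed:{reason}"
    return "violation"             # Internet-bound and not documented as allowed

def violations(flows):
    return [f for f in flows if classify(f) == "violation"]

# Constructed flow records (documentation address ranges), not real traffic.
SAMPLE_FLOWS = [
    Flow("10.20.5.14", "198.51.100.10", "tcp", 443),  # documented patch mirror
    Flow("10.20.9.30", "203.0.113.53", "udp", 53),    # documented DNS resolver
    Flow("10.20.9.30", "10.1.2.3", "tcp", 1521),      # internal destination
    Flow("10.20.9.30", "198.51.100.10", "tcp", 443),  # allowed destination, wrong source subnet
    Flow("10.20.7.8", "192.0.2.77", "tcp", 6667),     # undocumented outbound
    Flow("10.50.1.1", "192.0.2.77", "tcp", 80),       # not a data center source
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f, "->", classify(f))
```

Each allowance carries its documented reason, so an analyst reviewing a flow sees why it is permitted and can treat everything else from the data center as a lead.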

Policy 2: Allowed access

Document who can and should access the organization’s most critical, sensitive servers. Documenting who is allowed access creates a reference point against unauthorized access. It permits discovery and enforcement of access that is out of alignment with security policy.

Policy 3: Minimum access standards

Dictate the security standards expected of devices present on the network. This ...


ISBN: 9780596157944