Epilogue. The Future of Network Security Monitoring

In many ways the practice of NSM is a fairly old discipline, stretching back to the first deployment of the ASIM sensors at Air Force bases in the early 1990s. In other ways NSM is very young, with the first comprehensive open source tool, Sguil, released in January 2003. The turn of the century brought an emphasis on intrusion prevention at the expense of intrusion detection, despite the obvious need to detect attacks prior to “preventing” them. Deep inspection firewalls are the presumed end game, looking far into application content to implement access control. Some analysts might think that NSM techniques are unsuited for ever-increasing traffic loads and that “perfect” detection or alert-centric ...

Get The Tao of Network Security Monitoring Beyond Intrusion Detection now with the O’Reilly learning platform.
