
Security Monitoring

Posted on 2009-12-18 20:01:56


Authors: Chris Fry, Martin Nystrom
Publication date: February 24, 2009
Publisher: O'Reilly
Pages: 246
ISBN: ISBN-10: 0596518161, ISBN-13: 978-0596518165
File format: CHM

Product Description
How well does your enterprise stand up against today’s sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network–first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them. Security Monitoring is based on the authors’ years of experience conducting incident response to keep Cisco’s global network secure. It offers six steps to improve network monitoring. These steps will help you:
  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events
Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.
About the Author
Chris Fry has been a member of the Computer Security Incident Response Team (CSIRT) at Cisco Systems, Inc for 5 years, focusing on deployment of intrusion detection, network monitoring tools, and incident investigation. He began his career at Cisco in 1997 as an IT analyst, supporting Cisco’s production services. His four years as a Network Engineer in Cisco IT’s internal network support organization give him valuable knowledge about and unique insight into monitoring production enterprise networks. Chris holds a BA in Corporate Financial Analysis and an MS in Information and Communication Sciences from Ball State University.
Martin Nystrom is a Member of Technical Staff (MTS) for the Computer Security Incident Response Team (CSIRT) at Cisco Systems. He leads the global security monitoring team and provides guidance for incident response and security initiatives. Prior to joining Cisco’s CSIRT, he was responsible for designing and consulting on secure architectures for IT projects. Martin worked as an IT architect and a Java programmer for 12 years prior, where he built his experience in the pharmaceutical and computer industries. He received a bachelor’s degree from Iowa State University in 1990, a master’s degree from NC State University in 2003, and his CISSP certification in 2004. He is the author of O’Reilly’s “SQL Injection Defenses”, and the forthcoming, “Security Monitoring”. He is a frequent conference speaker, and was honored on the Java One Rock Star Wall of Fame. He enjoys speaking at FIRST and Cisco Networkers conferences, and providing security guidance to customers via Cisco’s Executive Briefing program. Most of Martin’s papers and presos can be found at xianshield.org

Posted on 2010-12-30 03:55:10
Thanks, Brother Shitou, you always post good books!
