Security Monitoring [Kindle Edition]

Chris Fry, Martin Nystrom


How well does your enterprise stand up against today's sophisticated security threats? In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors' years of experience conducting incident response to keep Cisco's global network secure. It offers six steps to improve network monitoring. These steps will help you:

  • Develop Policies: define rules, regulations, and monitoring criteria
  • Know Your Network: build knowledge of your infrastructure with network telemetry
  • Select Your Targets: define the subset of infrastructure to be monitored
  • Choose Event Sources: identify event types needed to discover policy violations
  • Feed and Tune: collect data, generate alerts, and tune systems using contextual information
  • Maintain Dependable Event Sources: prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.


This book shows you how to effectively deploy network security monitoring to defend your company against the most urgent threats you face. Most attacks from the Internet are not actionable. They're automated, noisy distractions from the real problems your enterprise is facing. The threat has driven deeper into your enterprise; infected hosts are remote-controlled and attacking your naked infrastructure. Hackers are working inside, and can operate without fear, stealing your most valuable intellectual property. Security monitoring isn't just setting up intrusion detection systems and firewalls. This book shows you how to get out of that trap by defining policies that specify what users can and can't do, and communicating those policies to management and employees. It continues with using those policies to determine 'what' to monitor, so you don't spend all your time chasing false alarms. It's long been known that the most important threats to any network are internal. "Practical Information Security Monitoring" teaches you how to put in place policies, monitoring systems, and practices that allow you to respond to these threats.


  • Format: Kindle Edition
  • File size: 2623 KB
  • Print length: 256 pages
  • Simultaneous device usage: Unlimited
  • Publisher: O'Reilly Media; 1st edition (February 9, 2009)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B0028N4WD8
  • Text-to-Speech: Enabled
  • Word Wise: Not enabled
  • Amazon Bestsellers Rank: #407,695 Paid in Kindle Store

Most helpful customer reviews: 4.8 out of 5 stars, 10 reviews
15 of 17 customers found the following review helpful
5.0 out of 5 stars Useful for the more advanced reader, March 1, 2009
By calvinnme
This book is not an introduction to network, server, or database administration. Neither is it an introduction to security tools or techniques. You need to have a foundational understanding of these areas and seek to build on them through specialization of your base skills. If you need a more introductory book I highly recommend The Tao of Network Security Monitoring: Beyond Intrusion Detection. This book attempts to take you deeper into your network, guiding you to identify the more sensitive, important parts of the network for focused monitoring. The first chapter is just an overview chapter and introduces the fictitious company used throughout the book, Blanco Wireless. Like most tech books, the good stuff starts in chapter two.

The second chapter discusses the wide variety of approaches for selecting the policies to monitor. It then discusses the environment in which these policies are to be applied. Chapter three explores two primary methods of learning about a network: network taxonomy and network telemetry. Chapter four provides a third and final foundation, guiding you to select broad targets on which to focus your monitoring. Deep, proactive security monitoring is overwhelming and unproductive if it isn't targeted to specific systems. By selecting monitoring targets, you can narrow your focus to the most critical systems, making the most of your security monitoring equipment and staff.

Once you've worked through the steps of defining security policies, you know your network, and you've selected your targets, you can build on that foundation by choosing your event sources. Chapter 5 provides an overview of the various device types and their event sources, how you can collect them, and how you can inspect them for security policy violations. The various choices available are collected into a subset of the best event sources to help you choose the appropriate sources quickly, without becoming overwhelmed in the sea of possibilities. Chapter 6 provides guidance on how you can carefully configure systems that fit your infrastructure, and then tune them so you can detect the real security events. Chapter 7 aims to professionalize your monitoring, preventing gaps that could allow an intrusion to succeed without notice. With these finishing touches in place, you should be able to monitor your systems with confidence.

Chapter 8 is a concluding chapter. It gives examples where monitoring ideals haven't always aligned with practical experience, including the consequences of those deviations from standard rules. It gives the results of two case studies, including how the organizations deployed targeted monitoring. It concludes by stripping down the advice of the book to bare-minimum tasks for each step, leaving you with a checklist to start your own targeted monitoring.

Appendix A gives detailed information on setting up and running a NetFlow collector based on OSU flow-tools, followed by some simple commands to enable NetFlow generation from a Cisco IOS router. OSU flow-tools is a set of open source NetFlow collection utilities.

This book is a good combination of tools, calculations, and advice on organizing your thoughts and strategy for the more advanced user who is familiar with networks and network security. I highly recommend it for that type of reader.
7 of 7 customers found the following review helpful
5.0 out of 5 stars Solid Practical Advice, March 19, 2009
By Parentsof4
There is a lot of very practical information packed into this little book, no fluff or filler anywhere to be found. It will definitely add value to any Network Security Monitoring implementation. This is a perfect book for a Network or System Engineer crossing over into Security. The only complaint is that it is way too pricey for such a small book printed on what feels like cheap newsprint.
4 of 4 customers found the following review helpful
5.0 out of 5 stars Real world view... April 19, 2009
By RobR
This book is a quick read "how-to" book to take your company to the next level. This is a real reality check written with an assumption that the reader is already familiar with networks and security. This book attempts to drive the value home with case studies, maintenance recommendations (yes, you do have to maintain the beast) and scripts to get started, and collected best practices. This is one of the books that get dog-eared and notes in the margin quickly.
5 of 6 customers found the following review helpful
5.0 out of 5 stars great book! May 1, 2009
By M. Helmke
There are many good books that discuss the basics of systems administration. This is not one of those books. This book is much deeper and more specific and fills a niche that I think needed to be filled.

If you are in charge of a group of servers, especially as your company's setup becomes larger and more complex, knowing how to check for problems and intruders is vital. It is also something that can be difficult to learn because of the dearth of materials readily available. This book seeks to remedy that problem.

The authors are experienced security analysts and speakers who refined their materials over many years of giving security related presentations at conferences. They know what they are talking about, and their manner of presenting the material is clear and logical. The book's subtitle is "Proven Methods for Incident Detection on Enterprise Networks." It fits.

When I first noticed the deep ties each of the authors have with Cisco, I was concerned that the book might focus solely on their products, but they discuss software and methods from many vendors, including free and open source options. I found their discussions honest, open, and balanced.

The book begins by answering what security monitoring is, why it would be useful and desirable, and discusses several of the challenges involved in doing it well. We then move to the implementation of policies for monitoring, including a good description of the many types of monitoring that can be done, their strengths and weaknesses.

Next, we are led to know our network. This is foundational, but something that many systems administrators and IT workers don't do, either because of time constraints or they just don't think about it. However, taking the time up front to explore and really know what is in your network and how it is set up gives you a great advantage later when you receive security notices from your monitoring software--it helps you sort important things out from noise far more quickly and easily. The time savings later make this step well worth the time it takes to perform it.

Later, the book helps us select targets for monitoring, choose good sources for event collection and keep them dependable, feed and tune our network intrusion detection systems and logging, and far more.

Each chapter and topic are demonstrated through an example that persists throughout the book, a fictional company called Blanco Wireless. As the chapters progress, we analyze and create security monitoring for the company. That was a useful thing to include.

One of my favorite features of the book is the final chapter which gives multiple real life examples through case studies and anecdotes to help illustrate moments when implementing the advice in the book would have been incredibly helpful, but when it was not done prior to an incident. The authors are very honest and humble here and own up to their humanity. Like the rest of us, they don't always do what they know should be done. Some of these are their stories of learning the hard way that you don't save time by skipping steps.

I think this book belongs on the shelf of anyone who has any responsibility for the security of systems, whether that responsibility is ultimate or partial. There is a lot in here, and anyone working in the field is sure to benefit in some way from the information.
5 of 6 customers found the following review helpful
5.0 out of 5 stars Network monitoring guide? Absolutely, August 5, 2009
By Christopher Burgess
Martin and Chris do a great job in providing the network security professional with a hands-on guide to incident detection on enterprise networks.

The authors state at the outset - this is not a guide for the novice, but rather a guide for the journeyman who has a good working knowledge of network, server and database administration, as well as security tools and techniques.

The guide is as stated a professional guide, with exemplars which can be used in a sandbox, or to assist you in noodling through specific infrastructure monitoring issues - such as "tuning" so the incident logs tell you the story, and don't drown you in event data.

Their chosen format draws upon the authors' experiences and of course discusses the tools they use on a daily basis. To their credit, they also point out and list other tools which are substantially similar to those they use in their everyday work, and this alone is a benefit to the reader - you've the makings of your list of potential vendors, ready at hand.

I have the privilege of seeing the result of these gentlemen's work and impact. That said, I also hear their voices clearly and distinctly in their verbiage - their articulation and emphasis is spot-on.

Worthy of the read, essential for the impact provided - a book of reference and exemplars which should be required in every incident response tool-box.

Christopher Burgess
Author: Secrets Stolen, Fortunes Lost