The Practice of Network Security Monitoring
Understanding Incident Detection and Response
Book, 2013
Network security is not simply about building impenetrable walls—determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.
In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks—no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.
You'll learn how to:
- Determine where to deploy NSM platforms, and size them for the monitored networks
- Deploy stand-alone or distributed NSM installations
- Use command line and graphical packet analysis tools, and NSM consoles
- Interpret network evidence from server-side and client-side intrusions
- Integrate threat intelligence into NSM software to identify sophisticated adversaries
There’s no foolproof way to keep attackers out of your network. But when they get in, you’ll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be.
An invaluable compendium of information for network and system administrators, this volume details a series of strategies for early incident detection and proper response to it. "Collect, analyze, escalate" is the slogan on the back cover, and the book concentrates on those three layers of the "security onion" beginning with techniques for data collection, including access, storage and management of the huge volumes of network traffic. Several chapters describing network security monitoring system deployment and housekeeping follow. Then, many tools, both command line and graphical interface, are listed, described, and their functionality compared. Finally, the whole system is analyzed in action, including extensions, client- and server-side compromises, day-to-day operations and the use of proxies and checksums. An appendix deals with system configuration and scripting. Annotation ©2014 Book News, Inc., Portland, OR (booknews.com)
Offers information on building, deploying, and running a network security monitoring operation with open source software and vendor-neutral tools.
Details
Publication
- San Francisco : No Starch Press, 2013.