The Practice of Network Security Monitoring

Understanding Incident Detection and Response

Book - 2013
Baker & Taylor
Offers information on building, deploying, and running a network security monitoring operation with open source software and vendor-neutral tools.

Book News
An invaluable compendium of information for network and system administrators, this volume details a series of strategies for early incident detection and proper response to it. "Collect, analyze, escalate" is the slogan on the back cover, and the book concentrates on those three layers of the "security onion" beginning with techniques for data collection, including access, storage and management of the huge volumes of network traffic. Several chapters describing network security monitoring system deployment and housekeeping follow. Then, many tools, both command line and graphical interface, are listed, described, and their functionality compared. Finally, the whole system is analyzed in action, including extensions, client- and server-side compromises, day-to-day operations and the use of proxies and checksums. An appendix deals with system configuration and scripting. Annotation ©2014 Book News, Inc., Portland, OR (

Ingram Publishing Services
Network security is not simply about building impenetrable walls—determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.

In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks—no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.

You'll learn how to:
–Determine where to deploy NSM platforms, and size them for the monitored networks
–Deploy stand-alone or distributed NSM installations
–Use command line and graphical packet analysis tools, and NSM consoles
–Interpret network evidence from server-side and client-side intrusions
–Integrate threat intelligence into NSM software to identify sophisticated adversaries

There’s no foolproof way to keep attackers out of your network. But when they get in, you’ll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be.

Publisher: San Francisco : No Starch Press, 2013
ISBN: 9781593275099
Branch Call Number: 005.8 B397p
Characteristics: pages cm

