Network security monitoring

Next-generation firewalls, data loss prevention, malware analysis, and intrusion prevention are the foundation of network security monitoring at the Internet edge and other network boundaries. As an integral component of defense in depth, these tools analyze all traffic traversing the network and are typically positioned in the most critical areas. Each of these technologies has been covered in depth in the earlier chapters from the protection standpoint; this section discusses leveraging the tools from a monitoring perspective.

In order to gain an understanding of what traffic is traversing the network and its intent, it is imperative to have a strategic implementation of these tools in a ...

Get Enterprise Security: A Data-Centric Approach to Securing the Enterprise now with the O’Reilly learning platform.
