Hopefully, you’ve already read books on security. This one aims to take you deeper into your network, guiding you to carve out the more sensitive, important parts of the network for focused monitoring. We haven’t coined a term for this, but if we did, it would be targeted monitoring or policy-based monitoring or targeted reality-based policy monitoring for detecting extrusions.
Here is a short summary of the chapters in this book and what you’ll find inside:
- Chapter 1, Getting Started
Provides rationale for monitoring and challenges, and introduces our monitoring philosophy
Following Chapter 1 are the six core chapters of the book, each successively building on topics discussed in previous chapters:
- Chapter 2, Implement Policies for Monitoring
Defines rules, regulations, and criteria to monitor
- Chapter 3, Know Your Network
Builds knowledge of your infrastructure with network telemetry
- Chapter 4, Select Targets for Monitoring
Defines the subset of infrastructure to monitor
- Chapter 5, Choose Event Sources
Identifies the event types needed to discover policy violations
- Chapter 6, Feed and Tune
Collects data and generates alerts, and tunes systems using context
- Chapter 7, Maintain Dependable Event Sources
Prevents critical gaps in your event collection and monitoring
Following the core chapters are the closing chapter and a trio of appendixes:
- Chapter 8, Conclusion: Keeping It Real
Provides case studies and real examples to illustrate the concepts presented in the six core chapters
- Appendix A
Provides detailed instructions for implementing NetFlow collection based on Cisco’s deployment
- Appendix B
Provides a sample service level agreement (SLA) for maintaining security event feeds from network devices
- Appendix C
Offers statistical proofs for calculating and calibrating uptime for security monitoring configurations