How well does your enterprise stand up against today''s sophisticated security threats?

In this book, security experts from Cisco Systems demonstrate how to detect damaging security incidents on your global network--first by teaching you which assets you need to monitor closely, and then by helping you develop targeted strategies and pragmatic techniques to protect them.

Security Monitoring is based on the authors'' years of experience conducting incident response to keep Cisco''s global network secure. It offers six steps to improve network monitoring. These steps will help you:

Develop Policies

define rules, regulations, and monitoring criteria

Know Your Network

build knowledge of your infrastructure with network telemetry

Select Your Targets

define the subset of infrastructure to be monitored

Choose Event Sources

identify event types needed to discover policy violations

Feed and Tune

collect data, generate alerts, and tune systems using contextual information

Maintain Dependable Event Sources

prevent critical gaps in collecting and monitoring events

Security Monitoring illustrates these steps with detailed examples that will help you learn to select and deploy the best techniques for monitoring your own enterprise network.