Preface; What This Book Is Not; What This Book Is; Conventions Used in This Book; Using Code Examples; Safari® Books Online; Comments and Questions; Acknowledgments;
Chapter 1: Getting Started; 1.1 A Rapidly Changing Threat Landscape; 1.2 Why Monitor?; 1.3 Challenges to Monitoring; 1.4 Outsourcing Your Security Monitoring; 1.5 Monitoring to Minimize Risk; 1.6 Policy-Based Monitoring; 1.7 Why Should This Work for You?; 1.8 Open Source Versus Commercial Products; 1.9 Introducing Blanco Wireless;
Chapter 2: Implement Policies for Monitoring; 2.1 Blacklist Monitoring; 2.2 Anomaly Monitoring; 2.3 Policy Monitoring; 2.4 Monitoring Against Defined Policies; 2.5 Types of Policies; 2.6 Policies for Blanco Wireless; 2.7 Conclusion;
Chapter 3: Know Your Network; 3.1 Network Taxonomy; 3.2 Network Telemetry; 3.3 The Blanco Wireless Network; 3.4 Conclusion;
Chapter 4: Select Targets for Monitoring; 4.1 Methods for Selecting Targets; 4.2 Practical Considerations for Selecting Targets; 4.3 Recommended Monitoring Targets; 4.4 Choosing Components Within Monitoring Targets; 4.5 Blanco Wireless: Selecting Targets for Monitoring; 4.6 Conclusion;
Chapter 5: Choose Event Sources; 5.1 Event Source Purpose; 5.2 Choosing Event Sources for Blanco Wireless; 5.3 Conclusion;
Chapter 6: Feed and Tune; 6.1 Network Intrusion Detection Systems; 6.2 NIDS Deployment Framework; 6.3 System Logging; 6.4 NetFlow; 6.5 Blanco's Security Alert Sources; 6.6 Conclusion;
Chapter 7: Maintain Dependable Event Sources; 7.1 Maintain Device Configurations; 7.2 Monitor the Monitors; 7.3 Monitor Databases; 7.4 Automated System Monitoring; 7.5 System Monitoring for Blanco Wireless; 7.6 Conclusion;
Chapter 8: Conclusion: Keeping It Real; 8.1 What Can Go Wrong; 8.2 Case Studies; 8.3 Real Stories of the CSIRT; 8.4 Bare Minimum Requirements; 8.5 Conclusion;
Detailed OSU flow-tools Collector Setup; Set Up the Server; Configuring NetFlow Export from the Router;
SLA Template; Service Level Agreement: Information Security and Network Engineering;
Calculating Availability;
Colophon