Security Monitoring with Cisco Security MARS
Threat mitigation system deployment
Networks and hosts are probed hundreds or thousands of times a day in an
attempt to discover vulnerabilities. An even greater number of automated
attacks from worms and viruses stress the same devices. The sheer volume
of log messages or events generated by these attacks and probes,
combined with the complexity of an analyst needing to use multiple
monitoring tools, often makes it impossible to adequately investigate
what is happening.
Cisco® Security Monitoring, Analysis, and Response System (MARS) is a
next-generation Security Threat Mitigation system (STM). Cisco Security
MARS receives raw network and security data and performs correlation and
investigation of host and network information to provide you with
actionable intelligence. This easy-to-use family of threat mitigation
appliances enables you to centralize, detect, mitigate, and report on
priority threats by leveraging the network and security devices already
deployed in a network, even if the devices are from multiple vendors.
Security Monitoring with Cisco Security MARS helps you plan a MARS
deployment and learn the installation and administration tasks you can
expect to face. Additionally, this book teaches you how to use the
advanced features of the product, such as the custom parser, Network
Admission Control (NAC), and global controller operations. Through the
use of real-world deployment examples, this book leads you through all
the steps necessary for proper design and sizing, installation and
troubleshooting, forensic analysis of security events, report creation
and archiving, and integration of the appliance with Cisco and
third-party vulnerability assessment tools.
- Learn the differences between various log aggregation and correlation systems
- Examine regulatory and industry requirements
- Evaluate various deployment scenarios
- Properly size your deployment
- Protect the Cisco Security MARS appliance from attack
- Generate reports, archive data, and implement disaster recovery plans
- Investigate incidents when Cisco Security MARS detects an attack
- Troubleshoot Cisco Security MARS operation
- Integrate Cisco Security MARS with Cisco Security Manager, NAC, and third-party devices
- Manage groups of MARS controllers with global controller operations
URL: http://www.amazon.com/exec/obidos/tg/detail/-/1587052709/
Download: http://depositfiles.com/files/2816840
Mirror Download: http://rapidshare.com/files/78631590/1587052709.zip
Default password: booktraining.net