Making Sense Of Events
by Christopher M. King
Published September 2001
The typical large enterprise is routinely inundated with security-related alerts from heterogeneous security devices (intrusion detection systems, firewalls, VPN gateways and platforms). Network security managers are awakened at all hours by various events that seem to demand their immediate attention. These managers find themselves attempting to manually inspect or decipher reports of security anomalies buried in the reams of logs generated by their organization's array of security devices, an impossible task.
To make sense of all this information, security managers need an operational view of the security health of the enterprise. This article looks at strategies to properly alert on, categorize and react to security events as they occur.
This article is reproduced by special arrangement with our partner, Business Communications Review.