Thinking Inside the Box: The Importance of Real-Time Log Monitoring for Network Security

by Tina Bird and Bruce Schneier

Historically, corporate security teams have focused the majority of their efforts and budgets on perimeter security systems: firewalls, network-based intrusion detection systems (IDSs), and virtual private network (VPN) servers. But by themselves, perimeter systems present a very skewed image of malicious or damaging activity on a corporate network. Firewalls and VPNs record information about the success or failure of a particular network connection attempt. IDSs detect content-based attacks, crafted packets, and network probes, but they cannot determine the outcome of that malicious activity. Once the IDS alarm has gone off, someone has to investigate the targeted machine to determine whether or not the attack was successful.
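As an added illustration (not code from the article or its authors), the follow-up step the paragraph describes can be automated by joining each IDS alert with the targeted host's own authentication log: the host record, not the IDS, says whether the attempt succeeded. Alert fields, host addresses and log lines below are constructed sample data.

```python
import re
from datetime import datetime, timedelta

# Constructed sample data, not from the article: two IDS alerts and the
# sshd log lines the targeted hosts produced around the same time.
IDS_ALERTS = [
    {"time": "2002-05-01 10:00:05", "src": "203.0.113.7", "dst": "10.0.0.5"},
    {"time": "2002-05-01 10:30:00", "src": "203.0.113.9", "dst": "10.0.0.6"},
]
HOST_LOGS = [
    "2002-05-01 10:00:07 10.0.0.5 sshd: Failed password for root from 203.0.113.7",
    "2002-05-01 10:00:12 10.0.0.5 sshd: Accepted password for root from 203.0.113.7",
    "2002-05-01 10:30:03 10.0.0.6 sshd: Failed password for admin from 203.0.113.9",
    "2002-05-01 10:30:05 10.0.0.6 sshd: Failed password for admin from 203.0.113.9",
]

LOG_RE = re.compile(
    r"^(\S+ \S+) (\S+) sshd: (Accepted|Failed) password for \S+ from (\S+)$")
FMT = "%Y-%m-%d %H:%M:%S"


def parse_host_log(line):
    """Return (time, host, result, src) for a recognised sshd line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return (datetime.strptime(m.group(1), FMT), m.group(2), m.group(3), m.group(4))


def assess_alerts(alerts, host_lines, window=timedelta(minutes=5)):
    """Join each IDS alert with host log events from the same source against
    the same target inside `window`, and report the observed outcome."""
    events = [e for e in map(parse_host_log, host_lines) if e]
    results = []
    for a in alerts:
        t0 = datetime.strptime(a["time"], FMT)
        related = [e for e in events
                   if e[1] == a["dst"] and e[3] == a["src"]
                   and t0 <= e[0] <= t0 + window]
        if not related:
            outcome = "unknown"      # no host evidence: a person still has to look
        elif any(e[2] == "Accepted" for e in related):
            outcome = "succeeded"    # host confirms a login from the probing source
        else:
            outcome = "failed"       # only rejected attempts were logged
        results.append({**a, "outcome": outcome, "host_events": len(related)})
    return results


if __name__ == "__main__":
    for r in assess_alerts(IDS_ALERTS, HOST_LOGS):
        print(r["dst"], r["outcome"], r["host_events"])
```

Without the host log feed, every alert stays "unknown", which is exactly the blind spot the paragraph points out.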

Cutter Consortium, May 2002