Preview

Running Managed Security Services

Powerful Essays
Open Document
Open Document
5432 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Running Managed Security Services
[pic]

Written by : Mohamed Sabah Mohamed
Program : GIAC - GSEC
Email : Mohamed.Sabah@DataFort.net
Date : 30-7-2002
Table of Contents

I Introduction 3

II What & why Managed Security Services 4

- Fault and Performance Management. 4 - Configuration Management. 4 - Security Reporting Management. 5 - Vulnerability Assessments. 5 - Anti Virus Management. 5

III Running Managed Security Services 5

1- Operational Procedures & MSS Operator Tasks 5 - Log Analysis. 5 - Preventive Maintenance. 6 - Backup. 6 - Reports Generation. 6 - Vulnerability Assessments. 6 - Advisors with the new Viruses & Vulnerabilities. 7 2- MSS Correlation 7 - Reporting. 8 - SMS notifications. 8 - Web. 8 MSS Operational & Correlation software 's 8 An Example of a correlated event 9

IV MSS processes 9

1- Fault & performance & security monitoring & management of security assets 9 - Received and Transmitted packets in a network interface 10 -Top Bandwidth users 10 - Bandwidth Usage per hour 11 -Denied Connection per hour 12 - Top alerts of the week 12 - Top 20 attackers. 13 2- Incident handling 13 - Remaining Calm. 13 - Taking Good Notes. 14 -Notifying the right people. 14 -Enforce a Need-to-know Policy 14 -Use Out-of-Band Communications 14 -Containing the problem. 14 -Making Backups. 15 -Getting rid of the problem. 15 -Getting back in business 15

V Resources & References 16

I Introduction

One of the hottest topics in the Information security industry now is the Managed Security Services. Everyday, we keep hearing about different organizations proposing for managed security services, presenter 's preparing hundreds of slides on describing the functions, importance and benefits of managed security services. This report is an


References: 1- SANS - Computer Security Incident Handling: Step-by-Step URL: http://www.sans.org/newlook/publications/incident_handling.htm ( 4-7-2002) 2- Counter Pane - Managed Security Monitoring: Network Security for the 21st Century URL: http://www.counterpane.com/msm.html ( 5-5-2002) 3- Guardent – Managed Security Services Overview URL: http://www.guardent.com/mss_overview.html ( 5-5-2002) 4- SANS Information Security Reading Room- Managed Room URL: http://rr.sans.org/managed/managed_list.php ( 20-5-2002) 5- Data Fort - Managed Security Services URL: http://www.datafort.net/mss.php ( 20-5-2002) 6- 1-Net - Managed Security Services Frequently Asked Questions URL: http://www.1-net.com.sg/0231securityFAQ.htm (10-5-2002) 7- CERT - Responding to Intrusions URL: http://www.cert.org/security-improvement/modules/m06.html (12-6-2002) 8- Network Intelligence- Envision – Private I software URL: http://www.opensystems.com/ENT_products/Software/ (2-7-2002) 10- The Secure Solution URL: http://www.pwcglobal.com/extweb/ manissue.nsf/DocID/0B6E4A47A89C257C85256BC0006DBC91 (26-6-2002) 11- RFC 1244 - Incident Handling URL: http://www.net.ohio-state.edu/rfc1244/incident.html ( 4-7-2002) ( 22-6-2002) 12 - Intelligent Distributed Fault and Performance Management for Communication Networks URL: http://www.isr.umd.edu/TechReports/CSHCN/2002/CSHCN_PhD_2002-2/CSHCN_PhD_2002-2.phtml ( 24-6-2002) 13- IDS Incident Flowchart
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Kudler Fine Foods IT Security Report FINAL WEEK 5
    • 2101 Words
    • 8 Pages

    Kudler Fine Foods IT Security Report FINAL WEEK 5

    To properly secure an information system means protecting its files and other confidential information from misuse. The current speed of technological growth requires ever evolving security measures to follow these developments. As the members of Team “A” set out to address this need, it was necessary to discuss the requirements. The foundation of all concrete security plans require a detailed knowledge of all current systems, the tools needed to accomplish security needs and employee training. The implementation of these requirements will be outlined within a final Security Presentation.…

    • 2101 Words
    • 8 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    Kenneth Sims IS3230 Unit 2 Global Acces
    • 406 Words
    • 2 Pages

    Kenneth Sims IS3230 Unit 2 Global Acces

    Global Limited has a reputation of being one of the world’s leading providers of infrastructure information systems, software, and services around the world. They are in need of a better business and security practices. They have identified a problem which has been likened to a game of Whack-a-mole. To help with its security problem, Global as called upon the knowledge of CIS-its own Security Division. One of the first steps is to understand what information is critical to the business initiatives. Global Cadence is front-end for over 40 applications and has for 200,000 registered users. Global is working to minimize its impact.…

    • 406 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    nt1210 lab 7.1-3
    • 420 Words
    • 3 Pages

    nt1210 lab 7.1-3

    Managed Security which allows management of all content in and out of the network, which in effect outsources all your security to.…

    • 420 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Is3230 Unit 2 Assignment 2 Information Security
    • 515 Words
    • 3 Pages

    Is3230 Unit 2 Assignment 2 Information Security

    Global Limited is a global provider of infrastructure information systems, whose services cater to a wide range of industry sectors. One of Global Limited’s business objectives is information security for their clients. In order to provide their clients with information security, Global Limited has utilized a risk management approach to protect their client’s information.…

    • 515 Words
    • 3 Pages
    Good Essays
    Read More
  • Powerful Essays

    Lab 7 & 8
    • 1094 Words
    • 5 Pages

    Lab 7 & 8

    Authorized secure remote access, Traffic inspection and Coordinated Threat Control, Centralized security management and enterprise-wide visibility and control.…

    • 1094 Words
    • 5 Pages
    Powerful Essays
    Read More
  • Good Essays

    Nt1330 Unit 3 Assignment 1
    • 801 Words
    • 4 Pages

    Nt1330 Unit 3 Assignment 1

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
    Read More
  • Powerful Essays

    INF 325 Week 1: A Case Study
    • 2472 Words
    • 10 Pages

    INF 325 Week 1: A Case Study

    Olzak, T. & Bunter, B. (2010, May 07). Security basics - components of security policies. Bright…

    • 2472 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Good Essays

    NT2580 Project part 1
    • 606 Words
    • 3 Pages

    NT2580 Project part 1

    Safety of data and information is a real important aspect of a company. Before we can create an outline for general security solutions we must first define what is needed. I recommend that we use a multi-layered security plan. There are a total of seven domains of an IT infrastructure including user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, remote access domain, and system/application domain.…

    • 606 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Unit 8 Assignment 2 Network Security Applications and Countermeasusures
    • 299 Words
    • 2 Pages

    Unit 8 Assignment 2 Network Security Applications and Countermeasusures

    Given the network security applications and countermeasures in the first column of the table below, explore answers to the following questions:…

    • 299 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Nt1310 Unit 1 Assignment
    • 4104 Words
    • 17 Pages

    Nt1310 Unit 1 Assignment

    However, there is growing interest in protocols and other mechanisms for use with novel telecommunications services. Next-generation value-added services are bound to introduce new vulnerabilities. The interaction between all these communications and security protocols, and the mechanisms used for distributed systems security, is fertile ground for both interesting research. Ways to enhance these protection tools to make sure our technology is safe from IT attacks are evolving all the time. The systems or measures used to protect a company system at present might not be of any use in the future as technology is always enhancing to higher levels. Telecommunication businesses tend to be comparatively adept at managing information security risks. And many are taking action to achieve an enhanced level of ongoing insight and intelligence into ecosystem vulnerabilities and dynamic threats. Companies like Celcom must be ready to invest in this expensive research so as to be able to aggressively compete in the intense telecommunication market and to be able to sustain itself in this industry. Today, information security is a discipline that demands advanced technologies and processes, a skill set based on counterintelligence techniques, and the unwavering support of top executives. As telecom operators become more similar to technology companies, they will face a raft of new challenges. Core practices like employee awareness and training, policies and tools to reduce insider risks, and protection of data, including intellectual property, will need to be updated. The confluence of mobility, cloud, and social networking have multiplied risks, yet few operators have addressed these threats or deployed technologies that monitor user and network activity to provide insight into ecosystem vulnerabilities and threats. These…

    • 4104 Words
    • 17 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    CSEC 610 Individual Assignment
    • 3199 Words
    • 8 Pages

    CSEC 610 Individual Assignment

    Cyber-security demands are ever increasing in the field of Information Technology with the globalization of the internet. Disruptions due to cyber-attacks are affecting the economy, costing companies billions of dollars each year in lost revenue. To counter this problem corporations are spending more and more on infrastructure and investing to secure the cyber security vulnerabilities which range anywhere from software to hardware to networks and people that use them. Due to the complexity of information systems that interact with each other and their counter parts, the requirement to meet specific cyber security compliances have become a challenging issues for security professionals worldwide. To help with these issues, security professionals have created different standards and frameworks over the years for addressing this growing concern of vulnerabilities within enterprise systems and the critical information they hold (“Critical Security Controls,” n.d.).…

    • 3199 Words
    • 8 Pages
    Powerful Essays
    Read More
  • Good Essays

    Week 5 you decide
    • 928 Words
    • 4 Pages

    Week 5 you decide

    Security is an ever moving target that must be continually managed and refined to ensure appropriate confidentiality, integrity, and availability of services and systems that are critical to business, as well as the valuable data.…

    • 928 Words
    • 4 Pages
    Good Essays
    Read More
  • Good Essays

    Security Services Typologies
    • 281 Words
    • 2 Pages

    Security Services Typologies

    Out of all the Security agencies that were researched, the two that have been chosen was Pinkerton Security and the Federal Burial of Investigations (FBI) which is a part of Homeland Security. Starting with Pinkerton Security they would be classified as a Level IV because they can deal with a vast majority of situations that occur in their client areas. Their personnel can be deployed wherever they are needed in a short time and have a very clear governing intervention and enforcement powers. “Pinkerton Counseling and investigations has a very deep knowledge in the core investigation areas such as Fraud and Financial Investigations, TSCM (de-bugging), Electronic Discovery, and Workplace Violence Protection.” They also provide support, resources, and provide their expertise to smaller agencies.…

    • 281 Words
    • 2 Pages
    Good Essays
    Read More
  • Better Essays

    Security Services Administration and Management
    • 1277 Words
    • 6 Pages

    Security Services Administration and Management

    The historical development of private security in the United States has changed drastically over the centuries. The need for private security has grown as well. There are many gaps and areas for intrusion within the current public law enforcement system, almost mandating the necessity for private security. As the need and expectations for the private security grows, so will the qualifications for these positions. Understanding the history of the industry development creates a way to learn from the past, and make necessary changes for the future. Private security is the backbone of the American culture, and will continually evolve to prevent and protect society from any type of potential harm.…

    • 1277 Words
    • 6 Pages
    Better Essays
    Read More
  • Better Essays

    Management Plan for Security and Privacy
    • 1269 Words
    • 6 Pages

    Management Plan for Security and Privacy

    Many times, disaster recovery planning fails to consider how diverse regulations and compliance issues will impact an organization after a natural disaster strikes (Talon, 2006). For instance, organizations regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), will discover that disaster recovery planning can be a complex web of potential pitfalls.…

    • 1269 Words
    • 6 Pages
    Better Essays
    Read More

Related Topics