How to Improve Your Security Monitoring
Presentation on how to setup your security monitoring systems, presented at FIRST and Networkers.
This presentation discusses techniques for building a successful computer security monitoring system.  In this preso, Cisco CSIRT engineers describe their approach, topology, challenges, and lessons learned in the process. This highly practical session illustrates security monitoring with Cisco Intrusion Prevention System (IPS) version 5 and 6, Cisco Security Monitoring, Analysis and Response (MARS) solution version 4, Netflow v7, and syslog. Cisco CSIRT engineers describe how the global solution was deployed, tuned, and lessons learned.