
Table Of Contents

Chapter 2: Regulatory Challenges in Depth
Summary
Chapter 3: CS-MARS Deployment Scenarios
Summary
Chapter 4: Securing CS-MARS
Physical Security
Inherent Security of MARS Appliances
Security Management Network
MARS Communications Requirements
Summary
Chapter 5: Rules, Reports, and Queries
Built-In Reports
Creating an On-Demand Report
Batch Reports and the Report Wizard
Chapter 6: Incident Investigation and Forensics
Chapter 7: Archiving and Disaster Recovery
Chapter 8: Integration with Cisco Security Manager
Configuring CS-Manager to Support CS-MARS
Configuring CS-MARS to Integrate with CS-Manager
Using CS-Manager Within CS-MARS
Chapter 9: Troubleshooting CS-MARS
Be Prepared
Chapter 10: Network Admission Control
Configuration of CS-MARS for NAC Framework Reporting
Information Available on CS-MARS
Getting Messages to CS-MARS
Determining What to Parse
Adding the Device or Application Type
Adding Monitored Device or Software
Custom Parser for Cisco CSC Module
Chapter 12: CS-MARS Global Controller
Introduction to CS-MARS and Security Threat Mitigation
Introduction to Security Information Management
Common Features for SIM Products
Desirable Features for SIM Products
Challenges in Security Monitoring
Understanding CS-MARS
Robust Reporting and Rules Engine
CS-MARS User Interface
Summary
Regulatory Challenges in Depth
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Gramm-Leach-Bliley Act of 1999 (GLB Act)
The Sarbanes-Oxley Act of 2002 (SOX)
Payment Card Industry Data Security Standard (PCI-DSS)
Deployment Types
Sizing a CS-MARS Deployment
CS-MARS Sizing Case Studies
Physical Security
Inherent Security of MARS Appliances
Security Management Network
MARS Communications Requirements
Network Security Recommendations
Built-In Reports
Understanding the Reporting Interface
Creating an On-Demand Report
Batch Reports and the Report Wizard
Creating a Rule
Creating Drop Rules
Incident Handling and Forensic Techniques
False-Positive Tuning
Archiving and Disaster Recovery
Understanding CS-MARS Archiving
Using the Archives
Configuring CS-Manager to Support CS-MARS
Configuring CS-MARS to Integrate with CS-Manager
Using CS-Manager Within CS-MARS
Be Prepared
Troubleshooting MARS Hardware
Troubleshooting Software and Devices
Types of Cisco NAC
Configuration of CS-MARS for NAC Framework Reporting
Information Available on CS-MARS
Getting Messages to CS-MARS
Determining What to Parse
Adding the Device or Application Type
Adding Log Templates
Queries, Reports, and Rules
Custom Parser for Cisco CSC Module
Understanding the Global Controller
Installing the Global Controller
Using the Global Controller Interface
Global Controller Recovery
INDEX
Cisco.press.security.monitoring.with.Cisco.security.mars.Jul

Published by gh05t00


Published by: gh05t00 on Jul 25, 2011
Copyright: Attribution Non-commercial


04/20/2013
