|
|
 |
| Posted: |
09 Apr 2008 |
| Published: |
01 Mar 2008 |
| Format: |
PDF
|
| Length: |
7
Page(s) |
| Type: |
White Paper |
| Language: |
English |
 |
 |
|
ABSTRACT:
SIM provides real-time monitoring of events and correlations, centralized to a single console. The technology provides tremendously improved forensics analysis. Most importantly, the SIM can be the foundation for a company's SOC and provide a clear improvement in network operations.
Lessons learned during Interval's implementation include:
- Create "compartments" for other users and groups to allow them a view into the console
- Create a knowledge base to share information
- Leverage help-desk support to set the escalation process in motion
- Provide regular feedback to senior management, so they can appreciate the fact that the millions of dollars the company spent on this product is improving compliance
- Watch growth and budget appropriately
|
 |
AUTHOR:
Sasan Hamidi
Chief Information Security Officer, Interval International
Sasan Hamidi is the Chief Information Security Officer for Interval International. Prior to that, he was the Director of Security and Infrastructure at General Electric Power Systems, and before that, he was the Senior Project Manager with IBM Global Network Security, auditing IBM-owned networks from a security standpoint. Hamidi has over 17 years of industry experience.
|
|
|
|
BROWSE RELATED RESOURCES:
Network Management | Security Event Management |
|
View All Resources
sponsored by ArcSight, Inc. |
|
CyberLibrary Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy. webmaster@bitpipe.com
|
