Back to list
[logs] Log Monitoring and Device Management
Nov 19 2007 01:59PM
saudi sans (saudisans gmail com)
Re: [logs] Log Monitoring and Device Management
Nov 20 2007 09:16AM
pierre-mac pinel (pmpinel gmail com)
The main issue with this organisation is to keep control.
If you combine monitoring and management then you'll need to
re-enforce control (audit eg), and sharpen your SLA.
For this kind of services better is to have a 3 part organisation, to
have always a form of organical "auto control" in place.
On Nov 19, 2007 2:59 PM, saudi sans <saudisans (at) gmail (dot) com [email concealed]> wrote:
> We have currently outsourced security device[firewall, IDS and VPN]
> log monitoring to a service provider.
> Now we need to outsource the management of these devices like changing
> firewall rulebase, updating firewall patches, fine tuning IDS
> signatures etc.
> Is it advisable to give this also to the same service provider.
> Amongst the vendors I am evaluating this service provider has the best
> people/SLA and price.
> I want to know if I am violating any security principles by combining
> monitoring and management by doing this ?Is this an acceptable risk?
> If I have to go with same service provider what controls should I put
> in place to minimise risk.
> LogAnalysis mailing list
> LogAnalysis (at) loganalysis (dot) org [email concealed]
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
[ reply ]
Copyright 2010, SecurityFocus