LogAnalysis
[logs] Log Monitoring and Device Management Nov 19 2007 01:59PM
saudi sans (saudisans gmail com) (1 replies)
Re: [logs] Log Monitoring and Device Management Nov 20 2007 09:16AM
pierre-mac pinel (pmpinel gmail com)
Hi,

The main issue with this organisation is to keep control.

If you combine monitoring and management then you'll need to
re-enforce control (audit eg), and sharpen your SLA.

For this kind of services better is to have a 3 part organisation, to
have always a form of organical "auto control" in place.

Regards,

On Nov 19, 2007 2:59 PM, saudi sans <saudisans (at) gmail (dot) com [email concealed]> wrote:
> Hi,
>
> We have currently outsourced security device[firewall, IDS and VPN]
> log monitoring to a service provider.
>
> Now we need to outsource the management of these devices like changing
> firewall rulebase, updating firewall patches, fine tuning IDS
> signatures etc.
>
> Is it advisable to give this also to the same service provider.
> Amongst the vendors I am evaluating this service provider has the best
> people/SLA and price.
>
> I want to know if I am violating any security principles by combining
> monitoring and management by doing this ?Is this an acceptable risk?
>
> If I have to go with same service provider what controls should I put
> in place to minimise risk.
>
> Regards
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis (at) loganalysis (dot) org [email concealed]
> http://www.loganalysis.org/mailman/listinfo/loganalysis
>
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus