Operationally effective SIEM: Part 1 of 3
Ask yourself: Do you need a Security Information and Event Management (SIEM) to maintain PCI compliance?
Requirement 10.6 of the current Payment Card Industry Data Security Standard (PCI DSS v2.0) requires any entity that stores, processes, or transmits cardholder data to review the logs of all in-scope system components at least daily. Note that the requirement is for log review, not merely log collection: retaining logs you never analyze does not satisfy it.
At a recent security conference that I attended, SIEM was the keynote topic. The speaker covered log retention and reporting in great detail, but fell short on analysis. I asked the speaker to explain the process for building log analysis, knowing this was a loaded question because we at Virtela have been working on it for years. My intent was not to challenge the speaker; I simply wanted to compare our thinking about good processes for log analysis. The speaker danced around the subject, answering in abstractions such as "try to understand what you are looking for" (not bad, but pretty vague) and "understand the threat landscape" (important, sure, but still vague), and went on about other lofty ideas, but never offered a concrete "first you do this, followed by this, and then proceed with this..." Having attended many conferences this year, it has become apparent to me that there is a lack of clarity on how to operationally define the security events a SIEM should generate through correlation. So I decided to share my thoughts on the subject, in the hope of helping those trying to deploy a SIEM solution and perhaps sparking a healthy debate.
Confused about cybersecurity? You’re not alone
At one point or another, nearly everyone has had a moment of cybersecurity gone wrong. Whether it is a bit of spyware downloaded via your personal email or a distributed denial of service (DDoS) attack launched against your company's network, encounters with security threats are not especially rare these days.
But understanding the details of cyberthreats is something that still eludes the casual computer user. We know that terms like malware, spyware, DDoS, botnet, and advanced persistent threat mean bad news, but beyond that they are just jargon used by IT staff and technology pundits. Even those who claim to understand the nuances of cybersecurity tend to confuse the details or explain them unclearly.
Why it’s important to know your network traffic
Investing in bandwidth upgrades without knowing what the traffic is amounts to pouring water into a bucket with a hole in it.
“We are growing and need more bandwidth.”
“We’ll need to double the bandwidth as we are over-utilizing the existing pipe.”
These are common complaints, or requirements, from CIOs and network/IT managers. Upgrading bandwidth to meet business demands is critical. But it is equally important to know what types of traffic are flowing across the network. Are users making good use of the current bandwidth? Is that DS3 actually being filled with production or business traffic, or with something else?
Most companies do not identify their traffic flows, for lack of time, resources, or skill. Budget is commonly available to upgrade bandwidth but not to analyze traffic, which is rarely considered a necessity because all traffic is assumed to be legitimate. As a result, it is easier to make a business case for upgrading bandwidth than for investing in identifying the traffic.
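To make "know what is on the pipe" concrete, here is an added example (not code from the original post or from Virtela) that summarizes a handful of constructed flow records by traffic class and top talker before anyone signs off on a bigger circuit. The flow tuples, the port-to-class table, and the choice of which classes count as "business" are all assumptions made for the illustration; port-based classification is only a first-pass heuristic, since applications on non-standard ports or inside encrypted tunnels will land in "unknown" and need flow-export application IDs or DPI to resolve.

```python
"""Summarize flow records by traffic class to see what a link is really carrying."""
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed sample flows (hypothetical data, not a real capture):
# (src, dst, proto, dst_port, bytes). Documentation-range IPs are used for the
# Internet side, RFC 1918 addresses for the inside.
SAMPLE_FLOWS: List[Tuple[str, str, str, int, int]] = [
    ("10.1.1.10", "203.0.113.5",   "tcp", 443,  4_200_000),
    ("10.1.1.11", "203.0.113.5",   "tcp", 443,  1_800_000),
    ("10.1.1.12", "198.51.100.7",  "tcp", 25,     300_000),
    ("10.1.1.13", "192.0.2.40",    "udp", 53,      20_000),
    ("10.1.1.20", "198.51.100.99", "tcp", 6881, 9_500_000),
    ("10.1.1.20", "198.51.100.98", "udp", 6882, 7_000_000),
    ("10.1.1.30", "10.2.0.5",      "tcp", 445,  2_100_000),
    ("10.1.1.31", "203.0.113.77",  "tcp", 1935, 5_000_000),
]

# Port-based heuristic chosen for this example; it is an assumption, not a
# standard, and anything not listed is reported as "unknown" rather than guessed.
PORT_CLASSES: Dict[Tuple[str, int], str] = {
    ("tcp", 80): "web", ("tcp", 443): "web",
    ("tcp", 25): "email", ("tcp", 587): "email", ("tcp", 993): "email",
    ("udp", 53): "dns", ("tcp", 53): "dns",
    ("tcp", 445): "file-share", ("tcp", 21): "file-share",
    ("tcp", 1935): "streaming",
}

# Which classes this (hypothetical) organization treats as business traffic.
BUSINESS_CLASSES = {"web", "email", "dns", "file-share"}


def classify(proto: str, dst_port: int) -> str:
    """Map a flow's protocol and destination port to a coarse traffic class."""
    if 6881 <= dst_port <= 6889:          # common BitTorrent range, TCP or UDP
        return "p2p"
    return PORT_CLASSES.get((proto, dst_port), "unknown")


def summarize(flows: List[Tuple[str, str, str, int, int]]) -> dict:
    """Aggregate bytes per traffic class and per source host."""
    by_class: Dict[str, int] = defaultdict(int)
    by_src: Dict[str, int] = defaultdict(int)
    for src, _dst, proto, port, nbytes in flows:
        by_class[classify(proto, port)] += nbytes
        by_src[src] += nbytes
    total = sum(by_class.values())
    # Guard against an empty export so the share calculation never divides by zero.
    shares = {cls: n / total for cls, n in by_class.items()} if total else {}
    top = sorted(by_src.items(), key=lambda kv: kv[1], reverse=True)[:3]
    return {
        "total_bytes": total,
        "class_bytes": dict(by_class),
        "class_share": shares,
        "top_talkers": top,
    }


def non_business_share(summary: dict) -> float:
    """Fraction of bytes that fall outside the business classes (0.0 if no traffic)."""
    return sum(s for cls, s in summary["class_share"].items()
               if cls not in BUSINESS_CLASSES)


if __name__ == "__main__":
    report = summarize(SAMPLE_FLOWS)
    for cls, share in sorted(report["class_share"].items(), key=lambda kv: -kv[1]):
        print(f"{cls:<11} {share:6.1%}  {report['class_bytes'][cls]:>12,} bytes")
    print("top talkers:", report["top_talkers"])
    print(f"non-business share: {non_business_share(report):.1%}")
```

Run against the constructed data, the report shows that most of the bytes on this "saturated" link are peer-to-peer and streaming from two hosts, which is the conversation to have before ordering a second DS3.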
A day in the life of a SOC Engineer
Arrive at work a little early to get ahead of the day. I have some tickets to confirm, work, and close. On top of that there are new engineers to be trained on Virtela processes and tenured engineers to be trained on new, more advanced features. And then there is refresher training for all.
Today my focus will be training. Virtela's Managed Security Services is growing, and our group has doubled its engineering headcount across every tier. We have a very diverse group of minds and experience, with a significant amount of collaboration and cross-training, and there are expert engineers for every device and every security concept.
The Security Side of Mobile Device Management
Previously, Ben blogged about Why Mobile Device Management (MDM) is necessary for today's enterprises. Today, I would like to touch on how to secure mobile devices. Securing mobile devices has two main components: 1) securing the connection between the mobile device and the corporate network, and 2) securing the device itself.
Securing the Connection
There are several ways to secure the connection to the corporate network while providing seamless access from any device, anywhere.