My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
04/17/2018
CBCC
>
Meetings
>
2010's
>
2018
>
04/17/2018
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/11/2021 3:22:45 PM
Creation date
6/1/2018 12:30:24 PM
Metadata
Fields
Template:
Meetings
Meeting Type
BCC Regular Meeting
Document Type
Agenda Packet
Meeting Date
04/17/2018
Meeting Body
Board of County Commissioners
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
220
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Network Security Monitoring (Albert) <br />What is Netflow and How is it Used? <br />A netflow record is a summary of a data exchange between two systems. it's based on seven <br />distinct characteristics: <br />1. Source IP <br />2. Destination IP <br />3. Source port <br />4. Destination port <br />5. TCP flags <br />6. Number of bytes of traffic sent and received <br />?. Timestamp information (start, end, and duration of connection) <br />Traditional network security monitoring services alert on malicious activity from the time a signature is <br />deployed, going forward. However, by leveraging netflow logs, data can be reviewed retroactively to <br />improve the ability to search for malicious activity. This allows previous network activity to be searched <br />for specific threats reported by partners, as well as further investigation of any major concerns identified <br />in the network environment. Please reach out to our 240 SOC to request a netflow query. <br />Sensor Details <br />The Albert service utilizes commodity hardware to help provide a robust offering at a low cost. Typically, <br />this can be run on a 1 U server (or a VM for smaller installations). <br />We recommend supplying an Albert sensor with network traffic by way of a network tap or data <br />aggregator (such as a gigamon) if your infrastructure already supports these options. For smaller <1Gb <br />networks, a span port off a router or switch will work well. Please contact CIS Services for assistance <br />with sizing your hardware. <br />Management <br />Monitoring, as well as full management of the sensor, is handled by the MS-ISAC. This includes <br />maintaining the operating system, IDS engine, netflow tools, and signature sets. <br />We will work with your organisation to make signature modifications upon request. We can also <br />collaborate with you to write custom signatures to detect specific types of malicious activity on <br />your network. <br />Pricing <br />Pricing is based on average Internet connection utilization. A one-time initiation fee per sensor applies. <br />To find out more about network security monitoring, contact us today at services@dsecurity.org. <br />Average Internet Utilization Monthly Fee (USD) <br />Up to 100Mbps $620 <br />>100Mbps -1Gbps $940 <br />>1Gbps $1,460 <br />
The URL can be used to link to this page
Your browser does not support the video tag.