[logs] Log Monitoring and Device Management
saudi sans
saudisans at gmail.com
Mon Nov 19 05:59:03 PST 2007
Hi,
We have currently outsourced security device[firewall, IDS and VPN]
log monitoring to a service provider.
Now we need to outsource the management of these devices like changing
firewall rulebase, updating firewall patches, fine tuning IDS
signatures etc.
Is it advisable to give this also to the same service provider.
Amongst the vendors I am evaluating this service provider has the best
people/SLA and price.
I want to know if I am violating any security principles by combining
monitoring and management by doing this ?Is this an acceptable risk?
If I have to go with same service provider what controls should I put
in place to minimise risk.
Regards
More information about the LogAnalysis
mailing list