[logs] Log Monitoring and Device Management

pierre-mac pinel pmpinel at gmail.com
Tue Nov 20 01:16:48 PST 2007


Hi,

The main issue with this organisation is to keep control.

If you combine monitoring and management then you'll need to
reinforce control (e.g. audit), and sharpen your SLA.

For this kind of service it is better to have a 3-part organisation, to
always have a form of organic "auto control" in place.

Regards,


On Nov 19, 2007 2:59 PM, saudi sans <saudisans at gmail.com> wrote:
> Hi,
>
> We have currently outsourced security device [firewall, IDS and VPN]
> log monitoring to a service provider.
>
> Now we need to outsource the management of these devices like changing
> firewall rulebase, updating firewall patches, fine tuning IDS
> signatures etc.
>
> Is it advisable to give this also to the same service provider?
> Amongst the vendors I am evaluating this service provider has the best
> people/SLA and price.
>
> I want to know if I am violating any security principles by combining
> monitoring and management by doing this? Is this an acceptable risk?
>
> If I have to go with same service provider what controls should I put
> in place to minimise risk?
>
> Regards