Re: Centralized firewall management and log analysis tools

[Peter Thomas <hackertarget.admin () gmail com>]

The question is very open ended, as can be seen from the varied responses.

Three primary bits of information required are:

1. What is the budget?
2. Are there already firewalls / IDS in place, if so what are they?
3. Do you have inhouse skills for any particular products?

RSA Envision and Arcsight are comprehensive logging solutions but cost a bomb.

If it is a smallish network, and there is no budget. With a bit of
work you could get away with a syslog server or Splunk (Community
version is free), Snort + OSSEC + Linux based hosts (smoothwall, ipcop
etc) on the gateways.

However, if its a big corporation with a decent budget - you could
look at Checkpoint or Cisco with cattools for centralised management
and a big budget SIEM. These will still require a bit of work. There
are no silver bullets to do it properly.


Regards,

Peter
--------------------------------------------------
Security Scanning Tools On-line
Web: http://hackertarget.com/
--------------------------------------------------





On Thu, May 3, 2012 at 8:30 PM, Daniel Gil <the900 () gmail com> wrote:
> Hi list!
>
> Recently I've been tasked with designing a solution for a company that
> has multiple offices, each with a database server and firewall,
> connected to the central headquarters through vpn. They administer
> each of these offices individually and would like a centralized server
> for firewall administration, log analysis and possibly IDS/vpn
> administration.
>
> I've been thinking about splunk+snort+a firewall that provides
> centralized management. Is there a better set of tools for the job? Or
> even better, a single tool that integrates all features?
>
> I'd love to hear from you people with experience in implementing
> similar solutions which tools worked best for you.
>
> Best regards,
> Dan
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------