Network Security Monitoring: Experience and Lessons

Presented at RVAsec 2019, May 23, 2019, 1 p.m. (50 minutes).

Network Security Monitoring is an integral part of security defense.  Setting up Network IDS/IPS properly is critical to ensuring an organization’s NSM is efficient and effective.  I have learned quite a few lessons from my experience in the NSM realm: from properly sizing and architecting solutions to automating deployment and operations in a variety of environments.  I will also share lessons on working with Network teams to configure network components for NSM, setting up and operating NSM systems, and scaling NSM solutions to handle customer demands.  I will also compare Open Source Solutions to Vendor Solutions.  My goal for this presentation is for attendees to learn from my experiences in order to make informed decisions in their own environments.


Presenters:

  • Jeff Tehovnik - Rackspace Government Solutions
    Jeff has been working in IT since 1998 and graduated from Virginia Commonwealth University (BS-IS 2012, MS-CISS 2014) and the SANS Technology Institute (PGC Ethical Hacking & Penetration Testing). Jeff also enjoys research and educating on Technical Information Security Topics including Network Security Monitoring and Advanced Persistent Threats. In addition to recently passing the CCSP exam, Jeff holds the CISSP, GCIH, GPEN, GWAPT, GXPN and VMware NSX: Micro-Segmentation certificates. When he’s not delving into the cloud, Jeff enjoys Reading, Fishing, and Vacationing at the beach with his wife and kids.  He is also an avid Hockey Fan.

Links:

Similar Presentations: