It must cover the use of OSSIM (Open Source SIEM) and Snort IDS for accomplishing vulnerability assessments and network security using an open source solution

It must cover the use of OSSIM (Open Source SIEM) and Snort IDS for accomplishing vulnerability assessments and network security using an open source solution. Let me know if you can accomplish this paper; the instructor is very particular and grades strictly. As soon as you let me know whether or not you can assist, I will transfer funds. Here is some of the support information that needs to be incorporated into the paper.

Introduction

Security challenges within cyber often have information assurance managers working to verify that the data and systems present within their enterprise are secure. The problem lies in securing a network that changes from minute to minute. As information travels through the cloud and then enters a network, the goal of security managers is to identify information within the network that could be malicious and to mitigate the potential effects of successful access to hosts within the network. Open source security solutions exist which can provide layers of defense for companies. Software such as Open Source Security Information Manager (OSSIM) is a free tool that allows for remote sensing and geo-location devices within one dashboard used for management. Sourcefire provides an open source intrusion detection system (IDS) named Snort, and it is regarded as one of the leaders in sniffing out hackers within networks.

Discussion

Open Source Security Solutions 

The defense of systems from advanced persistent threats (APT) is no laughing matter. The 2013 Data Breach Investigations Report describes incidents where systems and networks have been successfully attacked by hackers. The report shows that breaches regularly go unknown for months before being discovered by organizations (Verizon, 2013). Our goal is to identify the way in which security can be provided through open source architecture while still giving small and large companies a sound security solution for protecting their data. The use of OSSIM will be explained, including how it provides security practitioners with a centralized method for correlating network security indicators. Methods for accomplishing vulnerability assessments within an enterprise will be expanded on using OSSIM; integrated solutions such as Nessus and NMAP are key ingredients in providing information assurance (Lucas, 2008). The identification of network anomalies will be provided through the implementation of Sourcefire's Snort, which provides security analysts with a dependable tool that can be used to scan network information. Snort is coupled with identification elements, which will be explained, that provide information on traffic status and service availability within networks (Rehman, 2003).

Conclusion

Today companies cannot rely on the anti-virus software present within terminals; the intent should be to provide a security-in-depth approach which provides layers of defense. Problems with securing a network typically begin with first evaluating the risk associated with the loss of the property. Companies will assess that loss and usually equate it to the amount of money available for protecting their assets. Cyber security is not cheap, and finding solutions that evolve as the adversary changes their methods of attack is often like finding a unicorn. Most companies cannot afford to exhaust vast amounts of resources on necessary security, so they are left searching for capabilities provided by systems such as OSSIM. Businesses such as Sourcefire provide a network security solution which was built on the premise of being open source; Snort is known as being the most used IDS within the industry. Today companies are scrambling to find solutions that will protect them today and in the future.

Bejtlich, R. (2013). The practice of network security. San Francisco, CA: No Starch Press.

The practice of network security provides techniques for using open source tools and expands on the principles of leveraging that information for security. Use of this reference is to capture some of the methodology used within intrusion detection and the use of OSSIM and a Snort based solution.

Bejtlich, R. (2005). The tao of network security monitoring: beyond intrusion detection. Boston, MA: Pearson Education, Inc.

The Tao of Network Security Monitoring covers the principles that most network analysts should be using for accomplishing forensics on layer 3 information. The goal of referencing this book is to show how the data results presented by OSSIM could be used in a fashion similar to the methods explained in the book for accomplishing behavioral analysis.
