Abstract
This article is devoted to the methodology of organizing the process of monitoring of distributed information systems. The article considers the general concept of building the process of information security monitoring. Special attention is paid to such disadvantages of distributed systems as problems of system administration, problems of limited scalability of distributed systems and problems of software portability. It was concluded that at present there is no unified approach to eliminate these disadvantages when building a monitoring process. The model of decentralized distributed system for which the methodology of monitoring process organization is developed is given. Three approaches to the organization of monitoring process of distributed information systems are described, namely the organization of monitoring of network activity of information system, the organization of monitoring of host activity of information system and mixed approach. The mixed approach based on monitoring of network and host activity is used in the methodology. The process of prioritization of sources of information security events is considered, which includes the assessment of IS risks, identification of actual IS threats and identification of critical assets of the organization. As a result, a methodology for organizing the process of monitoring distributed information systems is proposed, which consists of four stages: risk calculation, identification of actual threats, prioritization of information security event sources and connection of selected sources to the information security event monitoring system.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.