Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

Home > Athena Security > A guide to firewall intervention for threat response

A guide to firewall intervention for threat response

White Paper Published By: Athena Security
Athena Security
Published:  Jan 28, 2010
Type:  White Paper
Length:  9 pages

SIEM solutions detect real attacks from the thousands of events that are happening in the network. When an unexpected and potentially dangerous event is recognized, engineers take a quick (temporary) action to block the security leak, diagnose what really went wrong, determine what else is at risk, and decide on a fix. At the same time, the engineer might have to figure out what changed in the network configurations to cause the incident. Depending on the complexity and number of devices required to be investigated, executing a timely response can be unrealistic. This paper discusses how Athena's firewall analytics solution can be used to find the rule changes related to the incident and to verify if the remedy implemented actually works without creating unintended side effects to the network.

Tags : 
firewalls, security, sim, siem, network security, risk, firewall analytics, security incident