Security Maintenance and Monitoring

The Designing and implementing architecture is just the first step in creating security infrastructure. The maintenance and monitoring, goal is to keep systems and network up–to–date, properly configured, and analyzes for suspicious activity. The identifying vulnerabilities, finding the correct software patches, downloading the code, installing the security update in the right sequence, and validating effective installation is quite a process. Sun has also developed a patch–checking tool similar to Microsoft’s HFNetChk. The other major operating system vendors, Linux vendors provide a support page with information on security alerts and available patches. The Red Hat Network is a subscription system support and management service that provides alerts, software patches, and automatic Red Hat Package Manager updates. The security mailing lists are a good place to get information about new exploits and new exploit techniques. The windows servers create event logs, UNIX/Linux servers report to syslog, and Web servers have their own log files.