Create a standard operating procedure as part of continuous monitoring on a day to day basis as a cyber security analyst. I have a sample template attached.
Here's the link for the admin guide below:
[url removed, login to view]
This specific SOP should cover the following:
1. Daily review of the Firewall report
a. Write what we are looking for in each area of the report, i.e., Data Usage – Timeline, Check the Connections in reference to the time of day. Are there connections or transferred data during non-work hours that are above a certain threshold? If yes, then explain how to investigate that data using the firewall. Then explain when to let the team know or open a ticket or create an artifact. Another example is Data Usage – Top Services, Do we have a list of ports and protocols that we expect to see? List them and then if a new service (port/protocol) shows up on the list, explain how to investigate the data using the firewall. Then explain when to open a ticket or create an artifact. This should capture what you review each day and how you analyze the report.
2. Review what we look at in the firewall appliance daily for each firewall listed. i.e., what we are looking for on the status page of the firewalls. Explain other items we review daily on the firewall and what constitutes something we would investigate or further analyze. i.e., Under Reports, Authentication, User Login, MrA, MrB, and MrC all were logged in last night between Midnight and 4am, that doesn’t seem correct. How do we investigate that and what anomalies are we looking for in the different sections of the Reports of the firewall itself that we may not catch reviewing the daily firewall report.
Here is the video example of a daily SonicWall GMS firewall report.
9 freelancers are bidding on average $115 for this job
I can achieve the results that you are asking for. I have good command in Academic writing,Content writing,Powerpoint,Article writing,Report writing,Research writing,Technical writing,Business plans etc Thank you!
Iam an experience Network Engineer. Primary Skills: CISCO NETWORK ENGINEERING, SERVER, VM WARE, ASA, FORTIGARE, MIKROTIK AND SECURITY. Iam Interested in your Project Please send me a Details so we can Discuss. Thanks