Managing computer and network security is easier than it may
seem, especially if you establish a process of continual improvement—to keep
the various requirements in perspective and to avoid forgetting about aspects
of security. Security management centers on the concept of a security policy,
which is a document containing a set of rules that describes how security
should be configured for all systems to defend against a complete set of known
threats. The security policy creates a balance between security and
usability. The executive management team of our organization determines where
to draw the line between security concerns and ease of use. The Management
Security Forum consists of the Chief Information Officer, Engineering Manager,
NOC or Data Center Manager, and the Information System Security Officer.
Here is some task which they have performed in our organization
for network security management.
• Device configuration management
Centralized interface to quickly and easily deploy one or
more devices provides a similar, intuitive interface across all device types
and versions, along with complete support for all device features. Device
templates enable administrators to define and maintain commonly used
configurations in one place.
• Policy management
Provides an intuitive, rule-based approach for all device
families being managed, with a complete view of rule behaviors and options and
powerful filtering capabilities. Allows network objects and services to be
dragged and dropped directly into the policy rules from within the Policy or
Object Manager window.
• Centralized object management
Shared Object manager allows central administration of
network, service, Network Address Translation (NAT), attack, antivirus/deep
inspection objects from one interface that can be used by one or more policies.
• Real-time monitoring
Enables administrators to actively monitor the status of
large numbers of firewall/VPN and IDP Series devices, clusters, and VPN
• Intelligent security updates
An automatic, scheduled process updates the NSM attack
object database, and new attack object databases can be automatically pushed to
• Topology view
Centralized interface to discover and visualize a layer 2
topology on an Ethernet switched network. Discovered topology is automatically
organized into sub networks, and network administrators can view the topology
of each sub network as well as view the topology between sub networks. The zoom
in and zoom out capability allows network administrators to easily navigate
through the various parts of the network. The topology view also lists the
various end hosts connected to the switch.
• User activity management
Object locking allows multiple administrators to safely
modify different policies or devices concurrently. Job Manager provides
centralized status for all devices updates, whether in progress or complete.
Audit logs provide a record of configuration changes, supporting central
oversight of business policy compliance.
• Log and report management
High-performance log storage mechanism allows collection and
monitoring of detailed historical information on key criteria such as network
traffic and security events. Using the complete set of built-in analysis tools,
administrators can quickly generate reports for investigative or compliance