<div>
Before scanning your logs (unless you're looking for specific traffic) you want to baseline, as described above. Consider also setting up a network monitoring tool to give you a more visual representation of your traffic -- MRTG or Nagios/NagVis etc
</div>


Before scanning your logs (unless you're looking for specific traffic) you want to baseline, as described above. Consider also setting up a network monitoring tool to give you a more visual representation of your traffic -- MRTG or Nagios/NagVis etc

<div>
How would I know if a system has been compromised? <br />
<br />
Thanks,
</div>


How would I know if a system has been compromised?

Thanks,

<div>
<div class="content wysiwyg-content">
I just started as a security admin. I would like to know what are the things I should focus when reviewing &nbsp;firewall and IDP log files. We have juniper firewall and IDP devices. Any documentation / guidlines anyone can recommend.<br />
<br />
Thanks,
</div>
</div>


I just started as a security admin. I would like to know what are the things I should focus when reviewing  firewall and IDP log files. We have juniper firewall and IDP devices. Any documentation / guidlines anyone can recommend.

Thanks,

Firewall / IDP log review

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.