This section details typical security operations performed after the system installation, initial deploymentEntire process involved in installation, configuration, startup, and testing of hardware and software in a specific environment., and configuration of USM Anywhere.
The section includes several chapters for explaining these security operations. There is a chapter which describes how essential is the review of some of the overall best practices that many organizations follow in implementing and then maintaining network security operations in their environments.
Another chapter is about the significance of having a good network security monitoringProcess of collecting all device status and event information and processing normalized events for evidence of vulnerabilities, possible attacks, and other malicious activity. system which can discover things every day that provide value to security efforts.
You can also find in this section, a chapter which describes a best practice workflow for using USM Anywhere to perform operations during the entire Security Monitoring and Management lifecycle.
You can also find information about how you can use the USM Anywhere web UI to verify that it is operating properly after the basic installation and configuration of your USM Anywhere system.
Finally, in this section, there is a chapter on which you will find how you could establish a Baseline Network Behavior for what constitutes normal behavior in your network. Through this baseline, you could evaluate results and filter out the noise to identify and filter out right away some false positives.
This section includes the following topics