Search form

Upcoming Webinars

Eradicate service outages and performance issues from your network with OpManager
April 23, 2024
Master Class: Optimizing CX through 4 Pillars of Internet Resilience
May 01, 2024

On-Demand Webinars

Avoid Observability Failure: Hybrid Enterprises Must Complement APM with Internet Performance Monitoring
Observability Trends: Key Considerations for Modern Observability
Navigating Today's I&O Landscape: Leveraging Cloud, Hyper-Convergence and Observability
Master Class: Monitoring from Your Users' Perspective
2024 Tech Trends: 10 Predictions for Tomorrow's IT Evolution
The SRE Report 2024: What the Charts Don't Tell You
2024 Security Trends: How Generative AI Is Changing the Threat Landscape
Getting the Most Out of Elastic Observability & New Features
Tales from the trenches: Security leaders share insights on protecting higher education
The Impact of AIOps and GAI on Modern Observability
Countering Internet Complexity with AI-Powered Internet Performance Monitoring
Maximizing Customer Lifetime Value: Transforming Ecommerce with AI-Powered Search
AI Meets Search: Powering a New Generation of Insights
Behind the Scenes: Rocket Lawyer's Secret Sauce for Uninterrupted Digital Legal Services
3 Tips to Supercharge Your Application Tracing
What's New at Catchpoint! Fall 2023 Product Launch Event
Demo of Internet Sonar: From Disruption to Instant Detection
Harnessing the Power of Generative AI in Retail
Expert Insights: Navigating Outages Like a Pro
What's New in Application Monitoring: Maximizing Operational Efficiency with Enhanced Performance Insights
Preventing Outages: Implement an Internet Performance Monitoring Plan
Don't Get Lost in the Cloud
SOLD IN 6 SECONDS: Formulas to Fast & Friction-Free E-commerce
Supercharge Your IT Resources
Automate and Save Time
Maximize Shareholder Value with Internet Resilience
Building & Monitoring Lighting Fast, Cloud Native Payment Experiences
Getting the Most Out of Elastic Observability & New Features
Preventing Outages: Map Your Internet Stack
May 2023 Product Launch: Learn about Catchpoint's New Capabilities

All Webinars...

Analyst Reports

Modern Enterprises Must Boost Observability with Internet Performance Monitoring
GigaOm CxO Decision Brief: Internet Resilience, May 2023
2023 Gartner Critical Capabilities for APM and Observability
Forrester Opportunity Snapshot: Increase Revenue with Internet Performance Monitoring

All Analyst Reports...

White Papers

Synthetic monitoring 101: A comprehensive guide to synthetic monitoring
Beyond deployment: The ongoing challenges in application performance monitoring implementation
How Is IPAM Simplifying Modern Networking?
The Elastic Generative AI Report
The 2024 Observability Landscape — a survey of observability decision-makers
Database Monitoring for Beginners: 6 Steps to Get You Started
6 Best Practices for Application Performance Monitoring
Visibility, Scalability, Security: Why IPAM Is the Cornerstone of Robust Data Centers
The SRE Report 2024
Real-Time Server Traffic Monitoring: Benefits, Best Practices and NetFlow Analyzer
Key Considerations When Choosing the Right Application Performance Monitoring Tool for Your Business
Apache Cassandra Monitoring: Challenges and Solutions
2024 State of IT Operations Report: Journey to Agility
Streamlining Configuration Management: Unleashing the Power of OpManager's Module
OpenShift Monitoring: Five Crucial Elements to Look Out for
Apache Tomcat Monitoring Made Easy with Applications Manager
End-User Experience Monitoring: Its Meaning, Importance, and Best Practices
5 Steps to Improve Website Performance
Learn the Importance of Network Backup Tool
IT Budgeting Amid a Challenging Macroeconomic Climate
Network Configuration Manager as an Add-On to OpManager
State of ITOM in 2023
The 2023 State of IT Operations Report
Going Beyond Plain Virtualization Monitoring
Preventing Outages in 2023: What We Learned from Recent Failures
Integrated Performance Management for Physical, Virtual & Cloud Infrastructure
Best Ways to Map Impact of Application Performance Issues on Business Goals
Hybrid Cloud Monitoring: Fundamental Driver of Efficiency in Hybrid Clouds
Quick Tips: Network and Application Infrastructure Checklist for the “Work From Home” Admin
Application Management Solutions for Enterprises

All White Papers...

10 Tips to Unify SOC and NOC
September 14, 2012

Amy Feldman
Broadcom

Share this

The following blog is by my colleague Sridhar Karnam, a product marketing manager for HP enterprise security, who has worked with both IT operations and enterprise security groups at HP:

The emergence of Enterprise 2.0 with social, mobile, local, and cloud applications within the enterprise have increased IT operational challenges. Other trends such as bring your own device (BYOD) are adding new dimensions that are challenging for IT Operations due to diversified form, OS, vendors, etc. Your customers and employees are demanding an open platform to facilitate better collaboration. However, your IT operations may not be in position to support Enterprise 2.0 or BYOD due to security challenges or resource constraints. So, how do you align your business requirements and IT resources, while keeping it secure?

In many organizations, security operations work in siloes to IT Operations. As a result, security vulnerabilities have to be handled twice: once by the SOC groups or security teams, and secondly by the IT Operations team who could not initially identify the issue.

Consequently, you cannot establish any automation for information sharing or event correlation between security vulnerabilities and performance issues. Let us see how some of these automation challenges can be addressed between security and IT Operations.

Here are 10 tips for efficient SOC/NOC collaboration:

1. Centralized approach

You can act only if you understand the problem. You can understand only if you can see the problem. So, you cannot secure it if you cannot see it.

How do you get visibility into all the problems in your IT?

Having a centralized approach to manage Big Data. Avoid patch solutions to fill gaps in your IT security. Don't rely on point vendors to help you with your IT issues. The complexity of the problem increases with multiple point solutions. Look for a single vendor with seamlessly integrated tools.

2. Consolidated view

Get a consolidated view of IT security, IT Governance, Risk, Compliance (GRC), and IT operations data. There are executive dashboards for each of them in the market; however, it is important to get a consolidated view of your entire IT aligning with your overall business.

3. Comprehensive log management

Avoid using tools that reduce the number of events to avoid false positives or limit the breadth and depth of data collection. With the emerging trends and explosion of data, you need to collect everything and analyze each log or event. So, use comprehensive log management solutions to manage your entire IT. Log management tools not only collect every log from all log generating sources but also help store the events for a long time after filtering and parsing.

4. Security-based event correlation

There are many event correlation tools with IT operations, however you need a security focused event correlation engine. It is important to connect users with roles, responsibilities, access controls, and trends to answer questions such as: Who did what? When? And how?

5. Network security

An IT operation has network monitoring tools. Security Ops also has security tools such as intrusion prevention system (IPS), however you need tools that integrate and augment these tools with log management and event correlation capabilities. Change management poses a risk within the network that can be mitigated and checked with these comprehensive log management tools integrated with network security tools.

6. Application security

Develop threat immunity through the development of applications. There are tools that can help you test your code for security vulnerabilities. If you are outsourcing or using 3rd party apps then there are tools to test the apps' vulnerabilities as well. If you cannot perform these tests through automation, you should at least do a manual QA of apps from a security viewpoint to ensure app security.

7. Network and applications security intelligence

Adding digital vaccination to IPS tools as described earlier, through a threat reputation database, keeps your network and apps updated with the latest known threats in the market. It is like updating your laptop security software except it has a database of every known threat and configuration change of every network component.

8. Unified data

The amount of data you handle will increase exponentially. The more security and network devices you add, the more data you create. So, you need to make sure that you unify the entire log data that you collect in various formats into a single format. This helps you to use the same unified data for searching, indexing, reporting, analyzing, and archiving the log and event data.

9. Simplify unstructured data

You are going from suppressed structured data into collecting and analyzing every single data for security breach using IT ops tools. This demands simplifying the handling of unstructured data. Data unification helps you keep all data in a simple flat file, enriched with metadata. Having a simple search tool enhances the user experience.

10. Resource optimization

Share tools, knowledge, and talent pool. These three will help you train a larger pool of IT people on both SOC and NOC tasks. You not only build domain expertise, but also keep the talent pool well-trained in case of attrition. If you follow the first nine tips, you could easily rotate jobs of IT managers in your organization and make them excited to work in your IT organization.

Amy Feldman is Director of AIOps Product Marketing at Broadcom
Share this

Hot Topics

APM
Cybersecurity
IT Culture
NPM/NetOps

The Latest

AI, Security, and Sustainability Are Major Drivers for IT Modernization
April 25, 2024

The use of hybrid multicloud models is forecasted to double over the next one to three years as IT decision makers are facing new pressures to modernize IT infrastructures because of drivers like AI, security, and sustainability, according to the Enterprise Cloud Index (ECI) report from Nutanix ...

The Past, Present and Future of DEX
April 24, 2024

Over the last 20 years Digital Employee Experience has become a necessity for companies committed to digital transformation and improving IT experiences. In fact, by 2025, more than 50% of IT organizations will use digital employee experience to prioritize and measure digital initiative success ...

Cloud Barriers Impact the Bottom Line
April 23, 2024

While most companies are now deploying cloud-based technologies, the 2024 Secure Cloud Networking Field Report from Aviatrix found that there is a silent struggle to maximize value from those investments. Many of the challenges organizations have faced over the past several years have evolved, but continue today ...

Full-Stack Observability in 2024 and the Importance of End-to-End Visibility for IT Teams
April 22, 2024

In our latest research, Cisco's The App Attention Index 2023: Beware the Application Generation, 62% of consumers report their expectations for digital experiences are far higher than they were two years ago, and 64% state they are less forgiving of poor digital services than they were just 12 months ago ...

MEAN TIME TO INSIGHT Podcast - Episode 5: Network Source of Truth
April 19, 2024

In MEAN TIME TO INSIGHT Episode 5, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses the network source of truth ...

Rapid Tech Expansion Creates Chaos for the Majority of Businesses
April 18, 2024

A vast majority (89%) of organizations have rapidly expanded their technology in the past few years and three quarters (76%) say it's brought with it increased "chaos" that they have to manage, according to Situation Report 2024: Managing Technology Chaos from Software AG ...

IT Trend: Growing Need for Automation
April 17, 2024

In 2024 the number one challenge facing IT teams is a lack of skilled workers, and many are turning to automation as an answer, according to IT Trends: 2024 Industry Report ...

Cloud-Native Technologies Produce Explosion of Data Beyond Human Ability to Manage
April 16, 2024

Organizations are continuing to embrace multicloud environments and cloud-native architectures to enable rapid transformation and deliver secure innovation. However, despite the speed, scale, and agility enabled by these modern cloud ecosystems, organizations are struggling to manage the explosion of data they create, according to The state of observability 2024: Overcoming complexity through AI-driven analytics and automation strategies, a report from Dynatrace ...

Challenges and Trends in Observability Adoption 2024
April 15, 2024

Organizations recognize the value of observability, but only 10% of them are actually practicing full observability of their applications and infrastructure. This is among the key findings from the recently completed Logz.io 2024 Observability Pulse Survey and Report ...

Calling for a New Era of Digital Observability: The Imperative for Comprehensive Internet Performance Monitoring
April 11, 2024

Businesses must adopt a comprehensive Internet Performance Monitoring (IPM) strategy, says Enterprise Management Associates (EMA), a leading IT analyst research firm. This strategy is crucial to bridge the significant observability gap within today's complex IT infrastructures. The recommendation is particularly timely, given that 99% of enterprises are expanding their use of the Internet as a primary connectivity conduit while facing challenges due to the inefficiency of multiple, disjointed monitoring tools, according to Modern Enterprises Must Boost Observability with Internet Performance Monitoring, a new report from EMA and Catchpoint ...