Monitoring and Event Management of Critical Infrastructures
Document type: Master thesis
Rights access: Open Access
As cyberattacks are on the rise, enterprises must find a way to secure and monitor their critical IT assets in order to minimize the impact of a successful attack. Critical Infrastructures are not limited to government and the public sector; any running business has some kind of IT infrastructure that is critical to its daily operations. The present thesis delivers the design of a secure network architecture to monitor a Critical Infrastructure. It features basic perimeter security consisting of high-availability firewalls, a DMZ to properly isolate the internal network, a central location to store logs from selected hosts, and a Security Operations Centre based on SIEM software (Splunk), making real-time monitoring possible via informational dashboards. Finally, an alert scheme is implemented: Splunk sends out an e-mail should a critical service in the Critical Infrastructure go down.
Design a security system, within the framework defined in a PDS (Plan Director de Seguridad, a security master plan), that offers a critical infrastructure operator (IICC) a strategy for complying with the Ley PIC (the Spanish critical infrastructure protection law).