Industry View

Efficiency Through NOC/SOC Convergence

Under pressure to cut costs while raising service levels? Two SecureInfo executives say the pot of gold might lie in consolidating your network and security operations centers.

By Yong-Gon Chon and Bill Jaeger, SecureInfo

The combination of NOC and SOC can yield real benefit beyond the obvious annualized savings through elimination of redundant operational infrastructure and Tier 1 staff. Efficiency gains can be realized through the introduction of a single, integrated point-of-contact for all network and IT security events. Users will no longer question who they are going to call when there’s something strange in the neighborhood. Analysts will no longer need to cross reporting structures or navigate the political quagmire to investigate events that traverse network and/or security devices. Service levels can also benefit from a unified NOC/SOC through improved communication and increased situational awareness. Incident response time is reduced as a single group owns both the capability and responsibility for enacting mitigating measures. Additionally, staff attrition rates may also be reduced by supplying greater career paths across networking and security, thereby enabling your organization to retain critical tribal knowledge and maintain operational stability.

Convergence of NOC and SOC can be both practical and beneficial, combining the awareness and control of an enterprise’s nervous system with the defense and response of its immune system. Though not a panacea, integrated network and security monitoring, management, and response capabilities bring both self-aware and self-defending networks closer to reality.

Yong-Gon Chon and Bill Jaeger are executives at SecureInfo, a provider of information assurance solutions.

• Email
• Print
• Comments
• Digg This
• SlashDot

• Incident Detection, Response, and Forensics: The Basics