Chapter 4 - Planning

This chapter provides practical information for planning every step of deployment process for a host integrity monitoring system (HIMS), including the initial setup and build environments, agent deployment, establishing management console, and administration. One of the initial steps in planning a host integrity monitoring deployment is to understand the role that it will play in the security architecture. Host intrusion prevention is best applied towards the active and dynamic defense of a host from non-specific threats. When a host is deployed, it should be locked down and steps are taken to prevent it from being abused or compromised. Host integrity monitoring allows gaining visibility into the specifics of what has occurred in a host environment. Three principles that need to be considered throughout a planning process are—make everything simple, keep functionality to a minimum, and document the requirements. The chapter also presents the major issues need to be considered when establishing requirements document for the host integrity monitoring deployment.