SOC Planning

A to Z SOC Planning
(Security Operation Center)

Introduction of SOC Planning

With the increase in the value of data, many countries and enterprises are starting to establish protection and management strategies to secure their information assets. To provide enhanced security and rapid response to security events throughout the network, building a SOC can be an essential task for your cyber security. The SOC will be designed in a manner that makes optimal use of the performance of the equipment and the characteristics of heterogeneous security devices. The scope of the SOC consists of infrastructure, information security, organizational structure, and operation.

Infrastructure

Infrastructure should be properly established based on the purpose and scope of the SOC. In addition, environmental conditions and the elements of the physical environment should be considered in order to establish a SOC successfully.

  • Interior: Video wall, A/V system, Miracle glass, desks and chairs for monitoring
  • Electrical Work: UPS and AVR
  • HVAC: Heating, Ventilating, and Air Conditioning
  • Fire Detection System
  • Access Floor (Server Room)
  • PDU (Cabinet Panel)
  • CCTV System
  • Access Control System (Fingerprint)
  • Floor Load: over 500 kg/m²
  • Height: Minimum 3.5 m
  • Waterproof, dustproof and insulated
  • Earthquake-resistant Design
  • Delivery Route
  • Minimize the number of entrances
  • Outer Wall: Concrete/Bricks
  • Briefing Room
  • Future Expansion

Information Security

The solutions related to information security will be implemented step by step according to the establishment plan. They can be categorized as prevention, resistance, and monitoring & analysis systems so that the purpose of each solution is clear.

SOC Planning / Operation Devices, Prevention Systems, Monitoring & Analysis Systems, Resistance Systems, Network Devices

  • Monitoring & Analysis Systems: SIEM, TMS
  • Operation Devices: NMS/SMS, Backup, HA system
  • Prevention Systems: VMS, DLP, Pen-test
  • Resistance Systems: FW, IPS, WAF, Anti-Virus, Anti-APT, Anti-DDoS, Contents Filtering
  • Network Devices: Router, Switch

Organizational Structure

Creating a proper organizational structure is essential, as is clearly establishing the roles and responsibilities of the SOC staff. The following chart shows an ideal organizational structure for a SOC.

Security Operation Center
  Chief Security Officer
    System Management Team
      • Security Administrator
      • Server Administrator
      • Database Administrator
      • IT Management staff
    Monitoring Team
      • Information Security Monitoring staff
      • Physical Security Monitoring staff
      • Network/Server Monitoring staff
    Incident Response Team
      • Incident Management staff
      • Incident Response staff
      • Risk Management staff
      • Network Packet analyst
      • Malware analyst
      • Attack Pattern analyst
      • Hacking Trends analyst

Operation

To keep a SOC operating properly and effectively, we can provide guidance on the main operational tasks of the SOC based on your environment. The detailed tasks of each operational area are shown below.

Security System Operation

  • Security Administrator
  • Network Administrator
  • Server Administrator
  • Database Administrator
  • IT Management staff

Incident Prevention Activity

  • Critical vulnerability management
  • Important asset management
  • Penetration test
  • Risk analysis and assessment
  • Research and dissemination of the latest security trends

Security Monitoring Operation

  • Real-time monitoring and analysis of information system events
  • Establishing detection rules and minimizing false positives
  • Cyber incident & threat detection and initial response
  • Network/Server availability monitoring
  • Regular and ad-hoc reporting

Incident Response Operation

  • Incident response progress
  • Incident notification and reporting
  • Network packet analysis
  • Malware analysis
  • Cyber forensics