Algorithm for Baselining, Remediation and Escalation

Step 1.0 Input

1.1 Obtain data from the access, distribution and core layers of the network

1.2 Analyze log data from Firewall, IPS/IDS, Routers, Switches, Access Points, Servers, Services and End-Devices

1.3 Induce regular periodic baseline for all layers, devices and services

Step 2.0 Output Log analysis

2.1 If Analyzed Log is Abnormal

Review In-Built Automatic Remediation Capability List

If Automatic Remediation Possible

Proceed to Remediate


Escalate to SOC Analyst

End if


Log Event

End if