There are many projects aimed at building a Security Operations Center (SOC). A SOC helps you centrally monitor and control all your security elements and policies. It consists of a technical platform and an organizational team with a security focus. The following diagram depicts the processes and activities inside and outside a SOC.
In China, it was an honour for me to lead the team that designed and built the first SOC for a provincial mobile company in 2002. Thereafter, more and more SOC projects emerged, especially at the provincial companies of China Mobile. Security Command Center (CA), eSecurity, ArcSight, netForensics, Intellitactics, and other products from Micromuse, NetIQ, and even IBM and Symantec, began to compete against each other.
Most local security vendors choose to build those foreign SIM products into their own SOC solutions as the bottom layer that collects and correlates security events/incidents, e.g. Lenovo and Topsec with ArcSight, iS-One with eSecurity, BOCO with netForensics, and so on, while Venustech is re-evaluating those products after a period of contact with ArcSight. For more information about those local security companies in China, please refer to my previous post.