RE: NIPS Vendors explicit answer

From: Jason Haar (Jason.Haar_at_trimble.co.nz)
Date: 05/01/04

  • Next message: nick black: "Re: NIPS solutions" 
    Date: Sat, 1 May 2004 13:36:01 +1200 (NZST)
To: <focus-ids@securityfocus.com>

    Frank Knobbe said:
    > On Tue, 2004-04-27 at 10:39, Rob Shein wrote:
    >> In many large environments (like where I am right now) there can be
    >> confusion as to who is responsible for which system; the system in
    >> question may go unpatched as a result. When there's an IPS on top of
    >> everything, it makes a big difference, because now you have another
    >> layer of defense to protect it.
    >
    > It seems that you have a failing/broken patch management system. I
    > would put resources towards fixing that instead of adding yet another
    > layer of band-aids (IPS).

    Frank - you're being a bit idealistic there...

    There are many types of businesses out there. Some businesses value
    security higher than others. Those businesses (whether they be
    multi-billion dollar companies or not) will have implemented security
    totally from policy down to technology - as you *should*. However, most
    companies (99%?) don't fall into that catagory - and I'd expect to see IS
    groups implementing technical solutions to (inherently) policy problems.
    It's just the way it is
    It doesn't make it right of course - just true :-)

    Jason

    ---------------------------------------------------------------------------

    ---------------------------------------------------------------------------

  • Next message: nick black: "Re: NIPS solutions"