Security Basics mailing list archives

Re: Down with DHCP!!!!


From: someone () somewhere com
Date: 21 Feb 2006 02:03:09 -0000

First off, have you ever maintained a database for 2000 devices? I have; it is next to impossible to keep accurate.

Your best approach is to go with dynamic port-based security using MAC addresses and dot1x authentication.  You can 
then look into perhaps some sort of host-based IPS/IDS, perhaps Cisco CSA or ISS's Protectra suite.  There are all kinds 
of patch management/level assurance software that will help to keep that end of things taken care of.

You could go so far as to dynamically move PCs that do not check in with their patch level assurance software into a 
remediation VLAN.

Patrick
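
The remediation-VLAN idea in the message above, as an added example that is not part of the original post: a sketch of the authorization decision a RADIUS policy backend could make after dot1x authentication succeeds, returning the RFC 3580 tunnel attributes a switch uses for dynamic VLAN assignment. The VLAN numbers, check-in window, patch level, function names and inventory records are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

PRODUCTION_VLAN = 10                  # assumed VLAN numbering
REMEDIATION_VLAN = 999                # assumed quarantine VLAN
MAX_CHECKIN_AGE = timedelta(days=7)   # assumed policy: weekly check-in
REQUIRED_PATCH_LEVEL = 42             # assumed baseline from the patch tool


def normalize_mac(mac):
    """Accept 00:1A:.., 00-1a-.., 001a.2b3c.. and return 12 lowercase hex digits."""
    digits = re.sub(r"[:.\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError("not a MAC address: %r" % mac)
    return digits


def vlan_attrs(vlan_id):
    """RFC 3580 reply attributes that tell the switch which VLAN to use."""
    return {
        "Tunnel-Type": "VLAN",             # attribute value 13
        "Tunnel-Medium-Type": "IEEE-802",  # attribute value 6
        "Tunnel-Private-Group-ID": str(vlan_id),
    }


def authorize(mac, inventory, now):
    """Decide the VLAN for a device that has already passed dot1x.

    The MAC is only a lookup key here; it is spoofable, so it must not
    replace the dot1x credential check that precedes this step.
    """
    record = inventory.get(normalize_mac(mac))
    if record is None:
        return "reject", {}                # unknown device: no access
    stale = now - record["last_checkin"] > MAX_CHECKIN_AGE
    behind = record["patch_level"] < REQUIRED_PATCH_LEVEL
    if stale or behind:
        return "accept", vlan_attrs(REMEDIATION_VLAN)
    return "accept", vlan_attrs(PRODUCTION_VLAN)


# Constructed sample inventory, as a patch-assurance tool might export it.
NOW = datetime(2006, 2, 21, tzinfo=timezone.utc)
INVENTORY = {
    "001a2b3c4d5e": {"last_checkin": NOW - timedelta(days=1), "patch_level": 42},
    "001a2b3c4d5f": {"last_checkin": NOW - timedelta(days=30), "patch_level": 42},
    "001a2b3c4d60": {"last_checkin": NOW - timedelta(hours=2), "patch_level": 40},
}
```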
