Security Basics mailing list archives
Re: UTM - Unified Threat Management system
From: sheeponhigh <sheeponhigh () gmail com>
Date: Mon, 13 Mar 2006 09:19:48 +0800
hi Ali, I agree with you that no solution can be "completely" secure. But i think UTM should do better. According to Bruce Schneier <Secrets and lies> 2000, 70% attacks are from insiders with a grudge, while all UTM features acts at gateway. That means UTM only manages the most 30% of threats. Should UTM think more about the rest 70% of threats? Is there any good solution to that 70%? 2006/3/7, Saqib Ali <docbook.xml () gmail com>:
Alice, No solution can be "completely" secure. All solution will be eventually comprised. They can only delay an attack. UTMs are good at delaying an attack because they provide detection, prevention and defense in depth. Defense in depth has three elements: 1) People 2) Technology 3) Operations UTM provide the 2nd element i.e. Technology. You still have to deal with "People" and "Operations" elements by Awareness / Training. On 3/4/06, Alice Bryson <abryson () bytefocus com> wrote:hi there, I want to do some research on UTM Unified Threat Management system. Could anybody know something about it? I have question that does a system protected by UTM is really security? Does UTM has some vulnerability in design?-- Saqib Ali, CISSP http://www.xml-dev.com/blog/ "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- We collect spam for research at: mailto:abryson () bytefocus com --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- UTM - Unified Threat Management system Alice Bryson (Mar 06)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 13)
- Re: UTM - Unified Threat Management system Mario Platt (Mar 14)
- Re: UTM - Unified Threat Management system Alice Bryson (Mar 15)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 16)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)