Security Basics mailing list archives
Re: UTM - Unified Threat Management system
From: "Alice Bryson" <abryson () bytefocus com>
Date: Wed, 15 Mar 2006 09:37:46 +0800
hi there That's a good idea to do something in inside network, but i think signature-based sensors are too passive, could there be a better solution? 2006/3/14, Mario Platt <mplatt () gmail com>:
You can also have IDS sensors in your inside network, that would help a lot in recognizing attack behaviour. Of course these solutions are very "signature based", an some "attacks" don't even use "ilegal schemes", but you can always create your signatures, or, for the extremely paranoid you can tcpdump all your network traffic, and analyze it line by line, but I don't think that's feasible :) On 3/13/06, Saqib Ali <docbook.xml () gmail com> wrote:Should UTM think more about the rest 70% of threats? Is there any good solution to that 70%?User Awareness / Training. Technical solutions will only go so far in preventing disgruntled employees from causing disruption. However you can you can train them to recognize this type of activity / behaviour before it becomes a problem. Also system auditing helps in the technical area. Also audit your authentication / authorization systems for data access. -- Saqib Ali, CISSP http://www.xml-dev.com/blog/ "I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day of Resurrection)" Al-Quran 6:15 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------------------------------------------------------------------------------------ EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
-- Homepage:http://www.lwang.org We collect spam for research at: mailto:abryson () bytefocus com --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- UTM - Unified Threat Management system Alice Bryson (Mar 06)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 13)
- Re: UTM - Unified Threat Management system Mario Platt (Mar 14)
- Re: UTM - Unified Threat Management system Alice Bryson (Mar 15)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 16)
- Re: UTM - Unified Threat Management system sheeponhigh (Mar 13)
- Re: UTM - Unified Threat Management system Saqib Ali (Mar 08)