Educause Security Discussion mailing list archives
Re: Training advice
From: Pat Wilson <paw () PAWILSON NET>
Date: Mon, 18 Jun 2007 14:29:37 -0700
I'm going to agree with folks who're saying that you need to step back a minute and prioritize - first of all, are there policies in place regarding security? Is your central IT group strong? Is the computing model at your school more centralized or more distributed? If it's centralized, do those sysadmins have a reasonable level of consciousness about security, or is security something that someone else does? If the model is that departments handle lots of their computing needs, are _those_ sysadmins reasonably security-clued? How concerned is the school about their level of security exposure, and have there already been problems? Is this a brand new position, and if so, what prompted its creation? There are _lots_ of technical ways to monitor or bolster security, but without a clear road map of what you're trying to accomplish, you might spend too much time working on the solution to 10% of your problems, and miss the bigger stuff. The temptation is to wade right in and *do* something, but in the long run, it's better to understand what you're dealing with and have the policies in place to help other folks (like the sysadmins) make sure they're doing the Right Thing first, IMO. Snort is fun, and can be useful, but it can also turn into a huge time sync. Look at the SANS site, and the EDUCAUSE Security and Policy site. As for training, I'd suggest looking for venues like the recent EDUCAUSE Security Workshop or one of the SANS ".edu" courses (which happen from time to time at Universities, are reasonably priced), or go farther afield and consider the Usenix LISA conference (in Dallas this year), which generally has a good concentration of security topics and a large .edu attendee pool. Good luck, and please don't hesitate to contact me directly if I can help - I was the first Network Security Manager at UCSD, and know what it's like to walk into chaos. --paw Pat WIlson paw () pawilson net On Jun 18, 2007, at 12:01 PM, Vanderbilt, Teresa wrote:
I recently stepped into the title of Security Manager. We're a small school and this is a new position for us. I'd only maintained the servers, switches and firewalls before. I have no one to mentor me and very little budget for training. I can spend approximately $3-5K on formal training this year. I was thinking of a good online class so all the money goes toward training rather than hotels and travel. Until now, everything I've learned has been mostly on my own; although I recently attended Pentration Testing Training. What other training, both formal and informal, would benefit me and my school the most? I've been thinking of CCNA and I would like to learn how to use Snort since it's free. Will CCNA be beneficial or should I buy a good beginners book on Snort. Am I way off the mark for what I need to study? I need to get up to speed quickly and can't afford to guess at what I need. Please help. Thanks in advance, Teresa Vanderbilt University of the Ozarks
Current thread:
- Training advice Vanderbilt, Teresa (Jun 18)
- <Possible follow-ups>
- Re: Training advice Ken Connelly (Jun 18)
- Re: Training advice John Piercy (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Brad Judy (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Jim Dillon (Jun 18)
- Re: Training advice Sarah Stevens (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice David Lundy (Jun 18)
- Re: Training advice Pat Wilson (Jun 18)
- Re: Training advice Paul Keser (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Bob Ono (Jun 21)
- Re: Training advice Paul Keser (Jun 21)
- Re: Training advice David Lundy (Jun 21)
- Re: Training advice Theresa Semmens (Jun 21)
- Re: Training advice Bob Ono (Jun 21)
- Re: Training advice Paul Keser (Jun 21)
- Re: Training advice Jarrod Millman (Jun 22)