IDS mailing list archives
RE: NIPS Vendors explicit answer
From: "Jason Haar" <Jason.Haar () trimble co nz>
Date: Sat, 1 May 2004 13:36:01 +1200 (NZST)
Frank Knobbe said:
On Tue, 2004-04-27 at 10:39, Rob Shein wrote:In many large environments (like where I am right now) there can be confusion as to who is responsible for which system; the system in question may go unpatched as a result. When there's an IPS on top of everything, it makes a big difference, because now you have another layer of defense to protect it.It seems that you have a failing/broken patch management system. I would put resources towards fixing that instead of adding yet another layer of band-aids (IPS).
Frank - you're being a bit idealistic there... There are many types of businesses out there. Some businesses value security higher than others. Those businesses (whether they be multi-billion dollar companies or not) will have implemented security totally from policy down to technology - as you *should*. However, most companies (99%?) don't fall into that catagory - and I'd expect to see IS groups implementing technical solutions to (inherently) policy problems. It's just the way it is It doesn't make it right of course - just true :-) Jason --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- RE: NIPS Vendors explicit answer Jason Haar (May 01)
- RE: NIPS Vendors explicit answer Frank Knobbe (May 02)
- <Possible follow-ups>
- RE: NIPS Vendors explicit answer Brian Smith (May 01)
- RE: NIPS Vendors explicit answer Bob Walder (May 02)