Security Basics mailing list archives

RE: Cisco CSA


From: "Dave Gonsalves" <dgonsalves () eagleinvsys com>
Date: Thu, 27 May 2004 13:49:08 -0400

I use CSA in my environment. It has its good points and bad points. It
will definitely stop viruses and the like from infecting your computers,
but it will also stop legitimate traffic as well. I definitely do not
worry about my critical servers on which the CSA is running. There is a
learning phase where you spend a lot of time monitoring logs and
tweaking the rules database. If you do choose CSA and deploy, it can
easily become a full-time job depending on the size of your deployment.


Dave Gonsalves
Information Security Officer
Eagle Investment Systems
www.eagleinvsys.com

The information contained in this e-mail may be confidential and is
intended solely for the use of the named addressee.
Access, copying or re-use of the e-mail or any information contained
therein by any other person is not authorized.
If you are not the intended recipient please notify us immediately by
returning the e-mail to the originator.




-----Original Message-----
From: Damon Brinkley [mailto:dbrinkley01 () rowan org] 
Sent: Thursday, May 27, 2004 8:55 AM
To: Cherian Palayoor; security-basics () securityfocus com
Subject: RE: Cisco CSA

Here's an article that ran recently in Network Computing that can
probably help you.

http://www.nwc.com/showitem.jhtml?docid=1508f2

Damon Brinkley
Systems Administrator
Rowan Regional Medical Center


-----Original Message-----
From: Cherian Palayoor [mailto:securinet2004 () yahoo ca]
Sent: Tuesday, May 25, 2004 7:35 PM
To: security-basics () securityfocus com
Subject: Cisco CSA


Hi,
 
Can anyone give me some feedback on the Cisco Security Agent. This
product claims to stop malicious behaviour on machines infected by any
malware.
 
We were recently hit pretty hard by Sasser. Cisco has since been trying
to sell us this product as a heuristic solution to malicious activity on
the network. The product does not depend on any signature updates and is
entirely behavioural.
 
Cisco puports to have successfully stopped Sasser from doing any damage.
 
Can anyone confirm this to be a fact. The product does not come cheap.
 
Thanks in advance.
 
Regards
 
Cherian


______________________________________________________________________
Post your free ad now! http://personals.yahoo.ca

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off any course! All of our class sizes are guaranteed to be 10 students
or less to facilitate one-on-one interaction with one of our expert
instructors. 
Attend a course taught by an expert instructor with years of
in-the-field pen testing experience in our state of the art hacking lab.
Master the skills of an Ethical Hacker to better assess the security of
your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----


------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off any course! All of our class sizes are guaranteed to be 10 students
or less to facilitate one-on-one interaction with one of our expert
instructors. 
Attend a course taught by an expert instructor with years of
in-the-field pen testing experience in our state of the art hacking lab.
Master the skills of an Ethical Hacker to better assess the security of
your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


Current thread: