Security Basics mailing list archives

RE: Re: End Point Security - relying on one vendor's product a weakness in itself?


From: "Paul Yeo" <Paul.Yeo () wdc com>
Date: Sat, 5 Apr 2008 14:30:13 +0800

Hi HaYNstyle,

Could you shed some light on what kind of systems, from which vendor,
you used for your defense-in-depth approach? I am a complete newbie to
this concept, while digging through the web. Can someone help point me in
the correct direction?

Thank you very much!

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of 6us4jxp02 () sneakemail com
Sent: Thursday, March 06, 2008 8:40 PM
To: security-basics () securityfocus com
Subject: Re: Re: End Point Security - relying on one vendor's product a
weakness in itself?

With regards to the Total endpoint solution, for the most part I was taught
and have learned that a completely multi-vendor solution is the only way in
which to achieve "Defense in Depth" or a "Layered Defense" approach.  But as
I grew smarter and wiser in this field I have learned.  



Defense in Depth is layering technologies on top of one another, but has
nothing to do with a vendor agnostic approach.  What happens in a vendor
agnostic approach is increased price and complexity.  While most vendors
aren't able to implement multi-vendor supported solutions because of the
closed nature of software, we are stuck augmenting the operations of the
solutions.  This drives up the complexity within our own network
environments by at least 10 fold.



I have tested some of the new endpoint security solutions and the one thing
that I have found is that they work pretty well. Most of the new approaches
have been to integrate entire solutions to include AV/AS, Firewalls,
IPS/IDS, and other solutions.  They include everything that I need from one
vendor which makes support issues easier. 



Just remember though, the comment posted previously which says if you have a
hole in one machine, then you have them on all of your Windows machines is
incorrect.  The defense in depth approach means that you would have to have
a hole through your Entire Security structure through the Gateway, then your
firewall, then your core router, then your internal routing grid, then your
servers, then your desktops and so on.  If you have this type of
vulnerability or any mix of these then you need a security makeover by the
extreme makeover business teams!  =)



In the end, choose what works best for you.  These solutions work well for
my company of over 150,000+ people, but your company might have different
needs.

Thanks,

HaYNstyle

