Re: Re: End Point Security - relying on one vendor's product a weakness in itself?

[6us4jxp02 () sneakemail com]

With regards to the Total endpoint solution, for the most part I was taught and have learned that a completely multi 
vendor solution is the only way in which to achieve "Defense in Depth" or a "Layered Defense" approach.  But as I grew 
smarter and wiser in this field I have learned.  

Defense in Depth is layer technologies on top of one another, but has nothing to do with a vendor agnostic approach.  
What happens in a vendor agnostic approach is increased price and complexity.  While most vendors arent able to 
implement multi-vendor supported solutions because of the closed nature of software, we are stuck augmenting the 
operations of the solutions.  This drives up the complexity within our own network enviornments by at least 10 fold.

I have tested some of the new endpoint security solutions and the one thing that I have found is that they work pretty 
well, most of the new approaches have been to integrate entire solutions to include AV/AS, Firewalls, IPS/IDS, and 
other solutions.  They include everything that I need from one vendor which makes support issues easier. 

Just remember though, the comment posted previously which says if you have a hole in one machine, then you have them on 
all of your windows machines is incorrect.  The defense in depth approach means that you would have to have a hole 
through your Entire Security structure through the Gateway, then your firewall, then your core router, then your 
internal routing grid, then your servers, then your desktops and so on.  If you have this type of vulnerabillity or any 
mix of these then you need a security makeover by the extreme makeover business teams!  =)

In the end, choose what works best for you.  These solutions works well for my company of over 150,000+ people, but 
your company might have different needs.
Thanks,
HaYNstyle