Security Basics mailing list archives

Re: Resources expended to AV management solution.


From: John Morrison <john.morrison101 () googlemail com>
Date: Mon, 24 Aug 2009 12:11:37 +0100

Paul,

Personally I would continue to use centrally managed systems that
require very little day-to-day effort. In the past I have always put
in the effort upfront to reduce my OpEx costs. If you use something
like McAfee’s ePO you can distribute all the updates and configure
policies from a single point. By creating at least two groups you can
check the updates first if you wish. For example, one (test) group
might consist of a number of devices used exclusively by IT personnel.
These could have all updates installed automatically when released.
The second group would be everything else and the updates could be
manually enabled once the test group is happy. This avoids loss of
business critical systems if an update should have unexpected
consequences and also ensures there is focus to resolve any issues
because it affects the IT guys. Of course you may want to split the
business critical systems into two groups as well. The first might be
the main system and the second the backup systems.

The product also allows the centralised management of IDS/IPS,
firewall, software deployment, change control, etc. This method also
brings a number of additional benefits that can't be realised with
point solutions. For example, if there is a known vulnerability, but
no patch yet, a HIPS rule can be deployed temporarily. Additionally, by
blocking changes to end points that have not been authorised you can
stop unknown attacks.

Further, products like ePO allow management of compliance risk, data
loss prevention, NAC, etc. all through one interface and reporting
system. This means the daily operations guys have only a single
interface to learn and you have only one set of policies to maintain.
With unintegrated solutions I find that the effort involved in trying
to create a set of policies for different applications in a way that
they don't conflict is very difficult.

See
http://www.mcafee.com/us/enterprise/products/security_management_console/epolicy_orchestrator.html



2009/8/12 Paul Halliday <paul.halliday () gmail com>

I am just looking for experiences with regards to what kind of
resources a medium-sized company or .edu (let's say 1000-5000 machines)
expends towards managing their AV solution.

How many people, how much time, etc.

Thanks.


