Educause Security Discussion mailing list archives

Re: Fwd: Cisco Security Agent Webinar

From: Dan Glass <djglass () UNT EDU>
Date: Wed, 22 Oct 2003 16:04:28 -0500

I sat through a Cisco sales pitch of the Agent a few weeks ago and was
somewhat impressed with it's ability to stop buffer overflows, writing
to the system/system32 directory, and other assorted nasty behavior.
The software is behavior-based and features pre-configured 'profiles'
that can then be modified to suit the system administrators needs. On
the downside, you can expect a 3% hit to your resources.
I have a demo copy sitting on my desk but have not had the chance to run
it through its paces yet, so I do not know how well it does under *real*
pressure, or how it interoperates with various applications. However,
from what I have seen, behavior-based agents may be the next 'big' thing
in information security.


--
Dan Glass, MS
Information Security
Computing & IT Center
University of North Texas
email: djglass () unt edu
phone: 940.369.7800
gpg pub key:    0x3FF1DF8A
gpg fingerprint:9856 ED67 CEAE FF9A 4FBB  8246 FE0C 0C61 3FF1 DF8A

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Fwd: Cisco Security Agent Webinar Peter Charbonneau (Oct 22)
- <Possible follow-ups>
- Re: Fwd: Cisco Security Agent Webinar Dan Glass (Oct 22)
- Re: Fwd: Cisco Security Agent Webinar Chuck Crawford (Oct 22)
- Re: Fwd: Cisco Security Agent Webinar Pete Hoffswell (Oct 22)