Educause Security Discussion mailing list archives
border filtering questions
From: Jeff Murphy <jcmurphy () BUFFALO EDU>
Date: Mon, 28 Feb 2011 13:41:13 -0500
Good Monday Sec Folks, If you have a moment, can you hit reply, check the appropriate box and fill in the blank if there is one under that box? [ ] We don't block traffic to/from known bad addresses/netblocks at our border. [ ] We manually block traffic to/from known bad addresses/netblocks at our border (someone logs into a device and types in the address/netblock. frequency can be rarely-to-routine, I'm interested in whether you do it at all) [ ] We automatically* block traffic to/from known bad addresses/netblocks at our border using a border router (ACL) and free/homegrown software (software talks directly to the router) (*using some feed of addresses/netblocks, for example obtained via a SIEM or external intelligence sources) [ ] We automatically* block traffic to/from known bad addresses/netblocks at our border using a border router (ACL) and commercial software (software talks directly to the router) (*using some feed of addresses/netblocks, for example obtained via a SIEM or external intelligence sources) What's the name of the commercial software package/vendor: _____ [ ] We automatically* block traffic to/from known bad addresses/netblocks at our border using a commercial inline appliance (IPS, packet shaper, firewall) and free/homegrown software (software talks directly to the appliance) (*using some feed of addresses/netblocks, for example obtained via a SIEM or external intelligence sources, the feed is directly consumed by the appliance and not manually entered or pushed in via free/homegrown software) What's the name of the appliance vendor: _____ [ ] We automatically* block traffic to/from known bad addresses/netblocks at our border using a commercial inline appliance (IPS, packet shaper, firewall) and commercial software (software talks directly to the appliance) (*using some feed of addresses/netblocks, for example obtained via a SIEM or external intelligence sources, the feed is directly consumed by the appliance and not manually entered or pushed in via free/homegrown software) What's the name of the appliance vendor: ______ What's the name of the commercial software package/vendor: _____ Jeff, your survey is weak! I want to tell you more! Here it is: _________ I'll anonymize/summarize back to the list. thanks, jeff murphy information security program manager university at buffalo
Attachment:
smime.p7s
Description:
Current thread:
- border filtering questions Jeff Murphy (Feb 28)
- Re: border filtering questions Jeff Murphy (Feb 28)
- Re: border filtering questions Charlie Reitsma (Feb 28)
- Re: border filtering questions Valdis Kletnieks (Feb 28)
- Re: border filtering questions Jeff Murphy (Feb 28)
- Re: border filtering questions Anthony Maszeroski (Mar 01)