Re: INtrusion Detection

[Frederick M Avolio <avolio () tis com>]

At 07:29 AM 2/17/98 -0500, Gary Crumrine wrote:
> One thing that I have noticed, is that we tend to deal in absolutes...  A 
> product has to meet x,y,z absolutely or it is considered BAD.  I totally 
> disagree with that thought stream.   Take a look at the needs of a bank, 
> VS. the little shop down the block that wants to protect their ten employee 
> internet connection.  Who's needs are more?  I think that the first answer 
> is both are equal.  But the poor guy doesn't have the $ to spend like the 
> bank.   He needs something...so he is willing to accept more of a risk, and 
> use something less robust IE Costing less.  It makes damn good sense to me 
> to recommend a product that may be less robust, but affordable in lieu of 
> him going totally without.....

I agree. I am speaking from a vendor perspective as well as from a user of
the technology, and an assessor of risks.  The complaint I have is not
against the above position, but against those who point to a security
solution that may be perfectly adequate for your "little shop down the
block" and claim that it is also suitable for the bank in your example.

Put another way, a "high end" security device suitable for the bank is
almost always (if money were no object) also suitable for the shop. You
cannot make the same statement in the other direction for a "low end"
device suitable for the shop. 

Fred