Re: Where do firewall Admins Sit in An Company

[Tony Miedaner <miedaner () twcny rr com>]

Thanks for the response.

Ahhh...the problem is that if security doesn't know the baseline and 
doesn't know the network and the services running on it (keep in mind very 
large network) how effective is it.

At 06:55 PM 6/3/2003 -0400, Bill Royds wrote:
> But security should be looking after exceptions,
> not operations.


Please don't take the above (or below) the wrong way,  I am just trying to 
consider the pros and cons of the security mainstream thought and I am not 
sure it works in an under-funded environment.  It seems to me that 
something is missing in the organization that one analyst watching 40-50 
adminstrators and 300-100 devices.

Also, the structure seems to me to be a pretty good model for passing the 
blame onto the security analyst when that person has no real guarantee that 
anything gets done.  The "why didn't they see it"  or "they didn't tell me 
it was critical" or my favorite "they only sent one email about it".  Why 
is it the structure places the burden of being sure that nothing bad is 
going on someone that cannot act immediately.



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards