Firewall Wizards mailing list archives

Re: RE: IDS (was: FW appliance comparison)


From: Cat Okita <cat () reptiles org>
Date: Wed, 25 Jan 2006 00:16:16 -0500 (EST)

On Tue, 24 Jan 2006 chris () blask org wrote:
> ... and everything *is* of interest. Everything that is happening and has happened on a network is described in glorious detail by the logging of the devices and applications that make up that network. The only reason not to focus on producing that telemetry and making sense of it is because there is too much, which becomes a lame excuse after a long enough time.

Well, yes - but where I want to focus my attention and how I want to
focus my attention are decidedly important.

> Devices should be able to report on everything they do, there should be someplace to put all this stuff, and there should be tools to digest it appropriately. Some of the pieces necessary are coming together and it's generally the most useful area to focus on.

Would you care to elaborate on the way that you handle the vast amounts
of data that you collect, then?  Sorting the gold from the dross is a
monumental challenge on a good day.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards