Firewall Wizards mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: Frank Pawlak <fpawlak () wi rr com>
Date: Fri, 26 May 2006 08:05:19 -0500
This is most probably why I got out of the business a couple years ago. I was very frustrated with trying to sell the Idea of doing it right. Miss the geek factor of the work tho. I must start reading Dilbert again. Frank At 05:57 AM 5/26/2006, you wrote:
Frank Pawlak <fpawlak () wi rr com> wrote:Marcus, I agree that the security industry is all but dead, but what are the big financial firms, or perhaps the gov using for security systems.[snip] You mean financial firms like the ones that we keep hearing about suffering from data breaches/loss/theft? You mean the government that gets consistently low "grades" for systems security? When an end-user at a business I know of recently experienced trouble following instructions setting up a laptop on a WPA wireless network, an upper-level manager was alleged to have asked why it was so much more difficult than things like WiFi hot spots. When told it was because the company network was more secure, said manager replied "Well, maybe we need to reduce our security." There's a reason Dilbert is so popular. I think its partly humour and partly horrified fascination. Now imagine the processes that pass for "thinking" by management, reflected in Dilbert's world, applied to network security and what do you suppose you get? Well, you get things like this: There is a certain very large manufacturing firm (that shall remain unnamed) that's struggling financially. Said large firm's network has been seriously... uh... negatively impacted by... uh... "security breaches" (I'm being purposefully vague out of necessity) multiple times. For reasons *I* find inexplicable, they continue using the systems that are getting "owned" out of some misguided (IMO) view that they're "cost effective." With "thinking" like that, is it any wonder the firm in question is struggling? It's hard enough keeping up with, much less keeping ahead of, the bad guys as it is. Now add being hobbled by the kind of people that do not understand what networks and network security is all about, do not *want* to understand, and fail to heed the recommendations of those who do understand. I'm not really bitter, jaded or cynical. I am pretty disgusted, tho. Regards, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies and let me know via my web form at <http://jimsun.linxnet.com/scform.php>. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG), (continued)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Paul D. Robertson (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Dave Piscitello (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 25)
- Message not available
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 25)
- Message not available
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Frank Pawlak (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Jim Seymour (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Frank Pawlak (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Carson Gaspar (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 25)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sushil menon (May 27)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 30)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)