RE: NIPS Vendors explicit answer

["Jason Haar" <Jason.Haar () trimble co nz>]

Frank Knobbe said:
> On Tue, 2004-04-27 at 10:39, Rob Shein wrote:
> >   In many large environments (like where I am right now) there can be
> > confusion as to who is responsible for which system; the system in
> > question may go unpatched as a result.  When there's an IPS on top of
> > everything, it makes a big difference, because now you have another
> > layer of defense to protect it.
>
> It seems that you have a failing/broken patch management system. I
> would put resources towards fixing that instead of adding yet another
> layer of band-aids (IPS).

Frank - you're being a bit idealistic there...

There are many types of businesses out there. Some businesses value
security higher than others. Those businesses (whether they be
multi-billion dollar companies or not) will have implemented security
totally from policy down to technology - as you *should*. However, most
companies (99%?) don't fall into that catagory - and I'd expect to see IS
groups implementing technical solutions to (inherently) policy problems.
It's just the way it is
It doesn't make it right of course - just true :-)

Jason



---------------------------------------------------------------------------

---------------------------------------------------------------------------