Security Basics mailing list archives
Re: Evaluating the security level of a firewall
From: "Meritt James" <meritt_james () bah com>
Date: Tue, 27 May 2003 12:37:38 -0400
James Fields wrote:
It's not a matter of Nessus or any other tool being "good enough" - the point goes back to what you friend said about being too busy. I have a limited number of hours per weeks. I manage 8 firewalls, numerous IDS sensors and maintain about 50 VPNs for my company. I also am part of a team responsible for managing our routers, switches, etc. I do not have time to research, on a regular basis, everything going on in the industry. I've been told some companies hire security people who do nothing else - but I've yet to work at such a place, and can't say what it would be like...
Sounds like someone does not do a very good job of prioritization or allocation of resources. What is the problem, not how do you handle a solution. -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566 --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Evaluating the security level of a firewall yannick'san (May 26)
- Re: Evaluating the security level of a firewall James Fields (May 27)
- Re: Evaluating the security level of a firewall Meritt James (May 28)
- Re: Evaluating the security level of a firewall James Taylor (May 27)
- RE: Evaluating the security level of a firewall Roger Bou-Aoun (May 29)
- Re: Evaluating the security level of a firewall James Fields (May 27)