Re: adding another defence layer against viruses/worms

[Juan B <juanbabi () yahoo com>]

Hi Aditya,

The client will implemt NAC for the pc's later the next year and he also has a proxy for web content filtering the 
thing is that I need an appliance (IPS ?) which will examine all the pc's traffic from the branches coming fron the 
pc's to the core of the network, but IPS its not enogh I think coase the IPS doensnt scan for viruses just for known 
attacks am I wrong?

They are worriend about trojans and viruses, they had a problem this year because of the confliker virusres that 
effected the network, the AV didn't cought it although it was updated.

I know NAC will help but I want something that will look on the wire also.
Some inline appliance but I don't know how to choose, mayve finjan or alladin?

Thanks

juan


Thanks,
Aditya Govind Mukadam
CISSP,CEH,JNSA-Advanced Security, JNCIA-UAC, JNCIA_SSL, CQS-PIX,CQS-VPN  http://in.linkedin.com/in/adityamukadam



On Tue, Nov 24, 2009 at 7:33 PM, Juan B <juanbabi () yahoo com> wrote:
> Hi all,
>
> I'm doing some security consulting for a client. this client have around 30 remote branches connected to his core. 
> the problem is that sometimes the AV fails to detect new viruses/worms coming from those branches so those 
> viruses/worms mess up his LAN.another problem is that the the client doesn't have much of control over the remote PCs 
> in the branches. so I thought about adding another layer of defence in which we will add an IPS (which Ips detects 
> also viruses/worms??) which will filter and scan all traffic coming from the branches.
>
> I just wonder if you guys agree with my suggestion.
>
> any comments will be welcomed.
>
> BTW,
>
> any recomendations for the IPS?
>
> thanks a lot
> juan
>
>
>
>
> ----------------------------------------------------------------------
> -- Securing Apache Web Server with thawte Digital Certificate In this 
> guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it 
> benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
> install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
> highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
> 42f727d1
> ----------------------------------------------------------------------
> --

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------






------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------