IDS mailing list archives

RE: NIPS Vendors explicit answer


From: Frank Knobbe <frank () knobbe us>
Date: Sun, 02 May 2004 18:02:46 -0500

On Fri, 2004-04-30 at 20:36, Jason Haar wrote:
>> It seems that you have a failing/broken patch management system. I
>> would put resources towards fixing that instead of adding yet another
>> layer of band-aids (IPS).
>
> There are many types of businesses out there. Some businesses value
> security higher than others. Those businesses (whether they be
> multi-billion dollar companies or not) will have implemented security
> totally from policy down to technology - as you *should*. However, most
> companies (99%?) don't fall into that category - and I'd expect to see IS
> groups implementing technical solutions to (inherently) policy problems.


Heya Jason,

several folks, including you apparently, thought I was referring to
policies and procedures when I wrote "patch management systems". (One
responder even seemed to think I was referring to IT management or staff).

No, I was referring to technical patch management solutions. Things like
Microsoft SUS, Windows Update, or home-grown patch delivery
programs/scripts. 

hmm... how do I phrase that.... patch installation applications.. how
about that? Those are products that are the proper cure (imo) to the
issue referred to. While I agree that IPS can provide short term
assistance in protecting networks from vulnerabilities of
yet-to-be-fixed software flaws, it is not the solution to the problem.
Patch installation systems are.

I'm still wading through heaps of email, and will probably respond later
to some folks individually. Just short note though -- I'm happy to see
that Vik made a similar comment (IPS not long term solution for broken
software). All too often do vendors sell their products as the magic
cure lasting until eternity. I'm happy to see that at least one vendor
has both feet on the ground.

Regards,
Frank

