IDS mailing list archives
RE: NIPS Vendors explicit answer
From: Frank Knobbe <frank () knobbe us>
Date: Sun, 02 May 2004 18:02:46 -0500
On Fri, 2004-04-30 at 20:36, Jason Haar wrote:
It seems that you have a failing/broken patch management system. I would put resources towards fixing that instead of adding yet another layer of band-aids (IPS).There are many types of businesses out there. Some businesses value security higher than others. Those businesses (whether they be multi-billion dollar companies or not) will have implemented security totally from policy down to technology - as you *should*. However, most companies (99%?) don't fall into that catagory - and I'd expect to see IS groups implementing technical solutions to (inherently) policy problems.
Heya Jason, several folks, including you apparently, thought I was referring to policies and procedures when I wrote "patch management systems". (One responded even seemed to think I referring to IT management or staff). No, I was referring to technical patch management solutions. Things like Microsoft SUS, Windows Update, or home-grown patch delivery programs/scripts. hmm... how do I phrase that.... patch installation applications.. how about that? Those are products that are the proper cure (imo) to the issue referred to. While I agree that IPS can provide short term assistance in protecting networks from vulnerabilities of yet-to-be-fixed software flaws, it is not the solution to the problem. Patch installation systems are. I'm still wading through heaps of email, and will probably respond later to some folks individually. Just short note though -- I'm happy to see that Vik made a similar comment (IPS not long term solution for broken software). All too often do vendors sell their products as the magic cure lasting until eternity. I'm happy to see that at least one vendor has both feet on the ground. Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- RE: NIPS Vendors explicit answer Jason Haar (May 01)
- RE: NIPS Vendors explicit answer Frank Knobbe (May 02)
- <Possible follow-ups>
- RE: NIPS Vendors explicit answer Brian Smith (May 01)
- RE: NIPS Vendors explicit answer Bob Walder (May 02)