Re: Cost of Worm Attack Protection

[<kgraham () rogers com>]

Back Ground:
I come from a company of 5K users spread across a large campus with several remote sites.  We have had various worms 
intrude on our day to day activities.  Without anything other than up to date anti-virus and some simple PIX type 
configurations it has been unpleasant.

Time cost: 
One attack slowing Internet traffic to a crawl.
Manpower: 2-3 Network 2-3 Data fairly dedicated over the course of a few days. Do the math for the cost of 6 senior 
people finding and cleaning infected machines. 

Quotes todate to implement a NIDS solution that encompasses external, DMZ, internal, server farms, 6 mid range devices 
100K. 

Quotes on HIDS solutions vary as per desktop and server but basically you are looking at 1-2K per server and 50-80 
dollars per desktop licence. 

Kim




> From: sgorman1 () gmu edu
> Date: 2003/11/13 Thu AM 09:35:47 EST
> To: nanog () merit edu
> Subject: Cost of Worm Attack Protection
>
>
>
> I was hoping to get some estimates from folks on the costs of defending networks from various worm attacks.  It is a 
> pretty wide open question, but if anyone has some rough estimates of what it costs per edge, manpower vs. equipment 
> costs, or any combination thereof it would be of great assistance.  We are doing some simulations of attack and 
> defense strategies and looking for some good metrics to plug into a cost benefit model.  We'd be happy to share the 
> results if anyone is interested as well.
>
> Thanks in advance,
>
> sean