RE: [ActiveDir] Desktop security solutions

[Michael B. Smith]

First, I’ll correct myself – CSA is Cisco Security Agent. :-P   It’s part of a layered defense. Some clients have chosen to deploy it everywhere (servers and desktops); others just on servers; others just on public-facing servers. Cisco recommends you put it everywhere (at a cost, of course).   It is quite effective at blocking “abnormal” communications (based on templates) between devices and blocking “abnormal” access (and changes thereof) to critical system files. It’s been effective in my environment and that of some of my clients, especially for some of the more recent vulnerabilities that have occurred.   Will it be effective for you? Probably. Is it worth the cost for you? I dunno. Is it worth evaluating? I think so.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Tuesday, May 11, 2004 10:46 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Desktop security solutions   But would you recommend it on an all server and all desktop deployment solution?  Or just internet facing servers and a few select clients?  And why? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Michael B. Smith Sent: Tuesday, May 11, 2004 7:07 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Desktop security solutions We've deployed CSA (Cisco Secure ACS) on several of our Internet-facing servers and for a few clients. It works surprisingly well.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Tuesday, May 11, 2004 7:58 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Desktop security solutions   What's everyone's opinion of desktop security software solutions like Cisco's ACS, which every time some application tries to change the registry or a file or something and it's not part of your pre-configured security template, it pops up an alert asking you if it's OK?  Mgmt is asking for this and I personally think it will be too much of a bear to make servers with their applications play well with it (or user desktops). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~