TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Hi Tai,
Looks like you got the angles covered, have you put it through to the
Product Manager in charge of System Scanner?
He or she is the person you must be get hold of; some organisational
information for you.
Knowing is one thing, getting the right person to take action is more
important.
Anyway, think if this thread carries on, they will probably come on board :)
Guess I have become a moderate, always try to see the argument on both sides
of the fence.
Well, go with the passion and good luck.
J
----- Original Message -----
From: "tai" <[EMAIL PROTECTED]>
To: "Johnny Kho" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, July 21, 2001 11:18 AM
Subject: Re: Quick question about system scanner
> On Sat, 21 Jul 2001, Johnny Kho wrote:
>
> [tips on CLI in agents]
>
> Thanx for the tips about the CLI on the agents. I will certainly
> look into it, though I know for a fact that my management prefers an off
> the shelf product to something we have to build ourselves (or we would
have
> used nessus :))
>
> > Totally agreeable on the engineers and business precedence over security
> > statement...sad to say IT or engineering careers always demands the most
out
> > of anyone's personal time and life. Business always rules and security
as an
> > afterthought ...sad reality and total diasaster when business is
affected
> > due to this oversight.
>
> This is why I feel it is sad that the attitude (per my last email
> about the 2 kinds of engineers) is that if you don't care, you go to
> business school. I feel that if you don't care, you get out. Period. Oh
> well :) Seriously though, I think everyone here should be educating their
> management as to why security is actually good business sense (just like
> backups and so on).
>
> > Lastly, it is really a business case for a feature to be included. I
have
> > asked previously and presented with the following task...
> >
> > You will need to reflect the size of deployment; corporate implications
> > faced and probably expected development path eg. growth
>
> For me, you're looking at a company recognized around the world,
> you are looking at corporate deployment for scanning _ALL_ our servers in
> about 5 data centers (not including our subsidiaries) and 150,000
> employees. Oh, we've been in the top 5 fastest response websites for a
> long time too :) That's why our data center folks rulez! They know they
> can't depend on NT for such things *evil grin* *tweaks those buttons* :)
>
> > If you can consolidate this data for your organisation; push it through
to
> > your management; get someone higher up to sign off...
>
> We have. Why do you think we still don't have it deployed.
> However, times are hard, and budget cuts mean we have to go with something
> that we have already paid for, rather than a brand new contract with
> another company. No one on the team wants to run it on NT. No one in the
> security dept (which I belong to) wants to run it or any other mission
> critical or security software on NT.
>
> > That will be a case for ISS guys to take note and get funds and manpower
> > into the development task.
>
> They have known about our concerns for a long time now. Until I
> got on to the team, they don't have a person who's willing to speak up and
> speak up loudly and publicly for what he feels is wrong. And sorry about
> being inflammatory here guys, but running security software on a platform
> where security is forced to take a back seat gets me just *right there* :)
>
> -Tai
> --
> http://philip.greenspun.com/bg/
> http://www.vcnet.com/bms/features/serendipities.html
> http://www2.hunter.com/~skh/humor/admin-horror.html
> http://www.despair.com/demotivators/cluelessness.html
>
