TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
Rajesh There are several issues around this - especially if you plan to just have one console (eg how you manage the keys for different users). One approach I've seen is to have one console which has, and keeps, master status for all sensors - then have another console which is able to monitor sensors but cannot claim master status because it is already taken. However you need to back this process up with reliable procedures. Whatever you do, whether you just have one or multiple consoles, you should also bear in mind the possibility of users editing policy files on the console themselves (if they're malicious) so even if they can't apply the new policy, their changes may be picked up the next time YOU apply the policy. It depends whether you want to protect against casual reconfiguration or deliberate malicious reconfiguration. One issue with multiple consoles is that you need to co-ordinate where you keep the true/live policies, else you risk having multiple policies at different levels. Jason On Tue, 14 May 2002 11:38:07 +0530, you wrote: > >HI, > >We are using Real secure 6.5 WGM and Network Sensors, we are planning to >give the console to 24X7 NOC Team for monitoring the events. But I don't >want them to edit the policies or any events. Is it possible to install >a console in a separate system with Read Only rights ( like in Firewall >1 Management console)? > >Waiting for your reply > >With Regards >Rajesh Vasudevan >Security Operations >Wipro Technologies >Bangalore >India >Ph: 91-080-8520408 Extn: 5138 > Jason Renard Warning - all views expressed are my own. I cannot guarantee the accuracy of everything I've said - use it at your own risk.
