Hi all, I was wondering... How many of you are working for a SoC rather then being emplyed by an organisation who just does their own IT? In my case I am working for an organsiation that does their own IT (aprox 2500 users, 600 server, 2 locations, Internet connection (of course) ).
I find it difficult to find the time to really maintain the IPS environment in a decent way (SP 2.0, 2 Scanners, 30-50 host sensor, 2 G200's). Currently we are using a default ISS policy, but I feel it is not the right way to go. I'ld rather see servers grouped and maintain a policy per server group, then one policy. I mean, a one policy definately doesnt fit all. We use SMTP content scanners, Proxyies, webservers, smtp, dns, ssh, ssl, ipsec, etc. I feel a far more granular control is needed. So the question is, when you are working for an organisation that does their own IT and is comparable to the seize of the company where I work, do you do IDS / FW / Patching (combined or inidividual) etc as a main job or do you do it "on-the-side"? regards, Richard _______________________________________________ ISSForum mailing list [email protected] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
