Two workstations, one for standard corporate applications and locked down, the actual development machine should be in a separate subnet that's locked down and has access to only the required netwrok assets, which ideally should also be in that subnet.
Kurt On Tue, Nov 15, 2011 at 11:36, Bourque Daniel < [email protected]> wrote: > ** > Developper's stations... > > I don't know how you can lock them down... > > ------------------------------ > *De :* Stu Sjouwerman [mailto:[email protected]] > *Envoyé :* 15 novembre 2011 14:19 > *À :* NT System Admin Issues > *Objet :* Would you drop AV for Whitelisting / Application Control? > > So I'm asking a bunch of questions here, because I'm looking at writing > this**** > > story from a few different angles. If the ratio Malware to good code is 80 > - 20**** > > (which it is +/- at the moment) why not drop AV all together and lock down > those**** > > workstations and only allow good code to run? Saves budget.**** > > ** ** > > Your view? Input?**** > > > Stu **** > > ** ** > > ** ** > > ** ** > > ** ** > > ** ** > > *From:* Stu Sjouwerman > *Sent:* Tuesday, November 15, 2011 2:10 PM > *To:* NT System Admin Issues > *Subject:* RE: Whitelisting Pros & Cons?**** > > ** ** > > Oh, this an acquisition, that is why it's having such a high score! LOL > **** > > ** ** > > *From:* Doug Hampshire [mailto:[email protected]] > *Sent:* Tuesday, November 15, 2011 1:13 PM > *To:* NT System Admin Issues > *Subject:* Re: Whitelisting Pros & Cons?**** > > ** ** > > Clearly these results are flawed if McAfee Anything gets higher than a -3 > in any category. :-)**** > > On Mon, Nov 14, 2011 at 5:16 PM, Stu Sjouwerman <[email protected]> > wrote:**** > > Thanks Micheal. Anyone experience with any of the Whitelisting products in > this InfoWorld Review?**** > > **** > > > http://www.infoworld.com/d/security-central/test-center-review-whitelisting-security-offers-salvation-835? > **** > > **** > > **** > > *Bit9 Parity Suite 5.01***** > > *10***** > > *8***** > > *9***** > > *9***** > > *10***** > > *9.4***** > > *EXCELLENT***** > > *30%***** > > *15%***** > > *25%***** > > *10%***** > > *20%***** > > *CoreTrace Bouncer 5***** > > *9***** > > *9***** > > *9***** > > *8***** > > *9***** > > *8.9***** > > *VERY GOOD***** > > *30%***** > > *15%***** > > *25%***** > > *10%***** > > *20%***** > > *Lumension Application Control***** > > *8***** > > *9***** > > *8***** > > *9***** > > *9***** > > *8.5***** > > *VERY GOOD***** > > *30%***** > > *15%***** > > *25%***** > > *10%***** > > *20%***** > > *McAfee Application Control 5.0***** > > *9***** > > *9***** > > *9***** > > *8***** > > *8***** > > *8.7***** > > *VERY GOOD***** > > *30%***** > > *15%***** > > *25%***** > > *10%***** > > *20%***** > > *SignaCert Enterprise Trust Services 3.0***** > > **** > > **** > > **** > > *From:* Micheal Espinola Jr [mailto:[email protected]] > *Sent:* Monday, November 14, 2011 5:10 PM**** > > > *To:* NT System Admin Issues > *Subject:* Re: Whitelisting Pros & Cons?**** > > **** > > Whitelisting is the future IMHO. You cant trust anything anymore. Faith > doesnt cut it. You have to protect yourself and your assets, and > whitelisting is the best way to do it. > > -- > Espi**** > > **** > > **** > > ** ** > > On Mon, Nov 14, 2011 at 8:48 AM, Stu Sjouwerman <[email protected]> > wrote:**** > > I'm referring to Whitelisting in the context of security. About 10 years > ago, the ratio > "Good code" versus malware was perhaps 90 good 10 bad. In that scenario, > it makes > sense to keep the bad code out. But over the last 10 years, with automated > malware > variant generation, the tables have turned, and there is actually more > malware than > good code out there. So in -that- scenario it might make sense to only > allow "good code" > and implement application control. Only that which is allowed, will run. > > I'd like your feedback - input - discussion on this ! > > Warm regards, > > Stu**** > > > -----Original Message----- > From: Matthew W. Ross [mailto:[email protected]] > Sent: Monday, November 14, 2011 11:22 AM > To: NT System Admin Issues**** > > Subject: Re: Whitelisting Pros & Cons? > > Are you asking about web content filtering, email filtering, or some other > type of "whitelisting?" > > > --Matt Ross > Ephrata School District > > > ----- Original Message ----- > From: Stu Sjouwerman > [mailto:[email protected]] > To: NT System Admin Issues > [mailto:[email protected]] > Sent: Mon, 14 Nov 2011 > 08:14:57 -0800 > Subject: Whitelisting Pros & Cons?**** > > > Guys, I am writing an article for WServerNews, and would like your > > public input. > > > > What is your experience with Whitelisting, which products you > > tried/use, and what experience you are having with this, likes and hates > are all welcome !! > > > > Warm regards, > > > > Stu > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > Mise en garde concernant la confidentialité : Le présent message, > comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive > de son destinataire; il est de nature confidentielle et peut constituer une > information protégée par le secret professionnel. Si vous n'êtes pas le > destinataire, nous vous avisons que toute impression, copie, distribution > ou autre utilisation de ce message est strictement interdite. Si vous avez > reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur > par retour de courriel et supprimer le courriel. Merci! > > Confidentiality Warning: This message, including any attachment, is sent > only for the use of the intended recipient; it is confidential and may > constitute privileged information. If you are not the intended recipient, > you are hereby notified that any printing, copying, distribution or other > use of this message is strictly prohibited. If you have received this email > in error, please notify the sender immediately by return email, and delete > it. Thank you! > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
