While I agree wholeheartedly that hardening your server is the first step,
it would be silly and futile to put all of your eggs in one basket. How
many security flaws did M$ report on Win2k last year? After hardening and
best practices have been applied, you need a product like BlackIce which
may provide DAY ONE protection. Patches? Yes, apply them after they have
been tested in your environment, but that leaves a window of opportunity
for others. Apply untested patches and your system may be down for a
while. BlackIce is a necessary tool to help fend off these holes. I have
been using BlackIce for about 3 years and the product has gone from a good
last line of defense to an unbelievably great product. Sure it has its
flaws but not in the area of defense. Sure there have been a lot of old
versions that were troublesome, but no other soft firewalls-IDS that I
know of could compare (during the same time frame on a system with OPEN
ports). No, it is not perfect yet, but as another line of defense on
something as important as a web server or email server it is money well
spent.
Just my 2 cents worth.
Ric Griffy
>
