Once a week or once a month doesn't meet the requirement for 24/7/365
monitoring. Yes, the logs are 1005 reviewed .. but that isn't the same as
active, full time monitoring. However, it's a whole lot better than
nothing ...
"Andrew
Plato" To: <brvarin@private>, <crime@private>
<aplato@aniti cc:
an.com> Subject: RE: CRIME Checkpoint versus Sonicwall
Sent by:
owner-crime@c
s.pdx.edu
08/29/2002
09:56 AM
Which is exactly why Anitian started an on-site managed security service.
Most firms cannot afford a full-time analyst, so one of ours can come in
once a week (or once a month) and review all the logs and look for
trouble. Its less expensive than full-time managed care like Counterpane
and its all right in front of you where you can see it. No remote access
from unknown people in a data center is required.
-----------------------------------
Andrew Plato, CISSP
President / Principal Consultant
Anitian Corporation
(503) 644-5656 office
(503) 201-0821 cell
http://www.anitian.com
------------------------------------
-----Original Message-----
From: brvarin@private [mailto:brvarin@private]
Sent: Wed 8/28/2002 9:50 PM
To: crime@private
Cc:
Subject: Re: CRIME Checkpoint versus Sonicwall
For most companies, hiring 24/7 analysts is just not possible....But
outsourcing is. Companies like Counterpane will monitor your network and
alert you to "activity". Consider it ADT for your network. A lot of
companies can't justify the cost but have no problems paying decent sums
for senior citizens, ex-cons, and obese people to guard their buildings.
Go
figure.
From: Crispin Cowan <crispin@private>@cs.pdx.edu on 08/28/2002 04:04 PM
Sent by: owner-crime@private
To: Andrew Plato <aplato@private>
cc: crime@private
bcc:
Subject: Re: CRIME Checkpoint versus Sonicwall
>
True. But you have to be willing to invest the effort in hiring
security
analysts to look at the data the IDS is generating.
\
This archive was generated by hypermail 2b30 : Thu Aug 29 2002 - 16:29:08 PDT