Dan Lynch wrote: > Any input you can offer is greatly appreciated. One of the more important factors to consider, I think, is if the reporting fits your planned workflow, or if you have to butcher it to make it work. I'm thinking mainly of the things that have to be done: the 'action lists' to be given to the sysadmins. If reporting can be done in terms of their real areas of responsibility it's better than if you get a report in terms of C-nets, or types of vulnerability, and have to cut and paste it to the form you want it. Of course, in a stable network, it may not matter much, and things won't change a lot. In a newwork with only one sysadmin, again, this is not a major issue. In a university-type network -- lots of more or less autonomous nets where anything can and does happen -- it may be very important to ensure reports get out as quickly as possible. -- Anders Thulin anders.thulinat_private 040-661 50 63 Ki Consulting AB, Box 85, SE-201 20 Malmö, Sweden top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1
This archive was generated by hypermail 2b30 : Fri Mar 28 2003 - 10:51:36 PST