Checkpoint IPS

Matthew Huff mhuff at ox.com
Thu Feb 5 17:55:53 UTC 2015


What if you are a hosting company and those aren't your servers to patch?
What about the time to patch 200+ servers versus configuring one location?
What if you have to schedule the staff and maintenance window to patch the servers?
What if you have legacy equipment that you must continue using, but the vendor is slow to provide the patch.

There is a huge difference in what is good network/security designs between content providers, transit networks, eyeball networks, corporate networks, universities, etc... One size doesn't fit all.



----
Matthew Huff             | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC       | Phone: 914-460-4039
aim: matthewbhuff        | Fax:   914-694-5669

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Roland Dobbins
Sent: Thursday, February 5, 2015 12:48 PM
To: nanog at nanog.org
Subject: Re: Checkpoint IPS


On 6 Feb 2015, at 0:38, Raymond Burkholder wrote:

> There must some sort of value in that?

No - patch the servers.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>



More information about the NANOG mailing list