Checkpoint IPS

Terry Baranski terry.baranski.list at gmail.com
Thu Feb 5 19:29:39 UTC 2015


On 6 Feb 2015, at 1:40pm, Roland Dobbins wrote:

> *Real* security mostly consists of *doing things*.  It requires skilled, experienced
> people who have both broad and deep expertise across the entire OSI model, are
> well-versed in architecture and the operational arts, and who understand all the
> implications of scale.

And if there's one person qualified to comment on what "real security" is,
it's a person who has "never heard a plausible anecdote of [IPS] devices
actually 'preventing' anything." :-)

-Terry

On Thu, Feb 5, 2015 at 1:40 PM, Roland Dobbins <rdobbins at arbor.net> wrote:

>
> On 6 Feb 2015, at 1:26, Matthew Huff wrote:
>
>> Like it's been said before, I strongly support my competitors following
>> your advice.
>
> Sorry - I've done the jobs, all of them.  They can be done properly, and
> are done properly by clueful operators.
>
> Oh, and what are operators who deploy these things supposed to do about
> *vulnerabilities in these devices themselves*?  That's a huge problem, they
> present a juicy attack surface, and exploits are discovered regularly.
> That's in the presentation, as well.
>
> I've heard these same tired arguments over and over again.  Folks tend to
> change their tune when their entire production infrastructure is rendered
> unavailable by a tiny DDoS which could be sourced from a single smartphone;
> it's just sad that so many are only ready to listen and learn after they've
> suffered serious production-impacting outages.
>
> If all it took to achieve *real* security - as opposed to 'compliance' or
> vendor marketing 'security' - were to write a check or cut a P.O. and drop
> some middlebox/middleblade in the network, we wouldn't be in the permanent
> state of security emergency in which we find ourselves.
>
> *Real* security mostly consists of *doing things*.  It requires skilled,
> experienced people who have both broad and deep expertise across the entire
> OSI model, are well-versed in architecture and the operational arts, and
> who understand all the implications of scale.
>
> Unfortunately, such people are relatively rare, even within the
> self-selected ranks of network operators - as several posts on this thread
> clearly demonstrate.
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
>