Brian,

Vendor disclosure: I work for CSC.

>IDS is best used as a enabling technology which when properly implemented

^^^^^^^^^^^^^^^^^^^^^^^
My take on this is that the debate seems to be missing the point of Bruce
Schneir's famous quote:

"Security is a process, not a product"

Whether a NIPS can be marketed the way firewalls used to be ( "Put in one
of these babies and your troubles are over!" ) and whether it delivers
actual security for an Organisation are two different things, the
difference being "properly managed by knowledgeable people."

Until Business gets the message that Technology won't give them what they
expect without people to tune/monitor/maintain it, they'll be wasting
money on expensive paperweights.

My .02

Regards,

tom.
__________________________________________________
Security Consultant/Analyst
CSC
Ph: +61 8 9429 6478 Email: tcleary2csc.com.au
----------------------------------------------------------------------------------------

This email, including any attachments, is intended only for use by the
addressee(s) and may contain confidential and/or personal information and
may also be the subject of legal privilege. Any personal information
contained in this email is not to be used or disclosed for any purpose
other than the purpose for which you have received it. If you are not the
intended recipient, you must not disclose or use the information contained
in it. In this case, please let me know by return email, delete the message
permanently from your system and destroy any copies.
----------------------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]