RE: IPS OR NAC

Right, and the question about how was already answered (HIPS, AV,
anti-malware, VM sandboxes even). I was just making the point about
security mindset.

Steve Means

CCSP/CCNP

CCSI# 32951

Instructor / Consultant

Email: smeans_at_ccbootcamp.com

Toll Free: 877-654-2243

International: +1-702-968-5100

Skype: skype:ccbootcamp?call

FAX: +1-702-446-0357

Training And Remote Racks: http://www.ccbootcamp.com

From: Iam Here [mailto:go_soon2010_at_hotmail.com]
Sent: Wednesday, August 24, 2011 10:20 AM
To: Steve Means; marcabel_at_gmail.com
Cc: pbhatkoti_at_gmail.com; ccielab_at_groupstudy.com; cisco_at_groupstudy.com
Subject: RE: IPS OR NAC

I'd like to protect the server from the users who downloading/uploading
the files from/to the server and make it infected

> Subject: RE: IPS OR NAC
> Date: Wed, 24 Aug 2011 09:49:02 -0700
> From: smeans_at_ccbootcamp.com
> To: marcabel_at_gmail.com; go_soon2010_at_hotmail.com
> CC: pbhatkoti_at_gmail.com; ccielab_at_groupstudy.com; cisco_at_groupstudy.com
>
> Just to expand on this, an IPS is as good as the signatures and
tuning.
> You need to look specifically at what you're protecting the server
FROM
> and what it is vulnerable TO. If you don't answer these questions
first
> it's like saying you want to take a road trip, just get in the car and
> start driving with no destination in mind. In security, it is ALWAYS
> strategy before tactics.
>
> Steve Means
> CCSP/CCNP
> CCSI# 32951
> Instructor / Consultant
> Email: smeans_at_ccbootcamp.com
> Toll Free: 877-654-2243
> International: +1-702-968-5100
> Skype: skype:ccbootcamp?call
> FAX: +1-702-446-0357
> Training And Remote Racks: http://www.ccbootcamp.com
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf
Of
> marc abel
> Sent: Wednesday, August 24, 2011 6:48 AM
> To: Iam Here
> Cc: pbhatkoti_at_gmail.com; ccielab_at_groupstudy.com; cisco_at_groupstudy.com
> Subject: Re: IPS OR NAC
>
> IPS is more for protecting web-servers and such against direct
> attacks. Things like SQL injection attacks, buffer overflows, etc. It
> won't help much for malware.
>
> On Wed, Aug 24, 2011 at 8:28 AM, Iam Here <go_soon2010_at_hotmail.com>
> wrote:
> > What about the IPS ?
> >
> >
> >
> >
> > Date: Wed, 24 Aug 2011 23:25:10 +1000
> > Subject: Re: IPS OR NAC
> > From: pbhatkoti_at_gmail.com
> > To: go_soon2010_at_hotmail.com
> > CC: ccielab_at_groupstudy.com; cisco_at_groupstudy.com
&g t ; >
> > What are you trying to protect?
> >
> > a) server
> > or
> > b) clients?
> >
> > for a) --> Use AV or AV+HIDS based solution. not NAC/IPS.
> > for b) --> use HIDS+AV
> >
> > I'd simply protect both with AV solution like Symantec.
> >
> >
> >
> > On Wed, Aug 24, 2011 at 10:39 AM, Iam Here <go_soon2010_at_hotmail.com>
> wrote:
> >
> > I have a server in my copmany and all the users access it as Shared
> Server.
> > But unfortunatetly it's infected with virus and worms
> > How can i protect my Server ?What is the best solution to protect it
?
> > Should i use IPS or NAC ?
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> >
>
Received on Wed Aug 24 2011 - 10:47:26 ART