i believe what kr5kernel is alluidng to, is using these tools in your production environment to help identify potential issues and i do note your concern that perhaps it should be your enterprise environment compliant. you are using cisco, heard of cisco works/solarwinds? there is also concord's (ca) ehealth suite, microsoft baseline analyser and microsoft operations manager (mom), to an extent wsus to help offset. your hp sims should also help with hardware management that in conjunction with mcafee's av and what they have done with foundstone whould hold you in good stead. i see in other posts you ask another question along single sign on and related to this post for me is a concern. what i would like to know is, where is your ict strategy in all of this? what role does ict governance/strategy play in purchases in your company/organisation? also, tools dont necessarily in themselves solve problems without the correct processes and procedures in place. hey before i forget, cisco trust agent (cta) and secuirty agent (csa) if you have the bread. otherwise, ethereal running on freebsd of course (hahaha) and the like will do nicely with proper filtering in place.