|
-
April 27th, 2007, 12:45 PM
#2
We've been using Cisco MARS for a little over a year now.
http://www.cisco.com/en/US/products/ps6241/index.html
It's great compared to what we were using before... We were just using homebrew scripts to go out and look for certain events and to dump those in a report. Obviously, the firewalls and IDS and other network devices all had other logs... but it was not all in one place.  We were using a whole mix and it was a real pain to figure out exactly what was going on. We don't have dedicated people to sit around and just watch logs... We'd be lucky if we could find 1-2 hours in the week to pour through logs. I was using Bindview and having it go out to all the servers and report on important security events and then mail it to me.
http://www.bindview.com/products/index.cfm
The MARs took care of a lot of this for us. Once it's installed and fine tuned... it's great. There were a lot of false positives out of the box... but what system doesn't?
We choose Cisco, in part, because we were moving towards a full cisco network.
Last edited by phishphreek; April 27th, 2007 at 01:02 PM.
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
Similar Threads
-
By ThePreacher in forum Miscellaneous Security Discussions
Replies: 17
Last Post: December 14th, 2006, 09:37 PM
-
By gore in forum Operating Systems
Replies: 3
Last Post: March 7th, 2004, 08:02 AM
-
By hatebreed2000 in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: March 14th, 2003, 06:36 AM
-
Replies: 1
Last Post: July 15th, 2002, 03:46 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote