So, firewall development is slowing/stopped. Intrusion detection is the
future.....then where?
Always looking a few steps ahead, there are some great intrusion
detection products around. Still the intelligence to configure the
filters, or interpret the output is required, but what about 'Remote
Security Management'?
What I explicitly mean by this is a VERY trusted third party receiving
and responding to alerts via a secure link to the internal LAN. Customer
worries like keeping up to date, knowing what is an intrusion pattern
etc. are removed. The customer has a 'team' of experts for the price
(annual fee) of one guy/gal.
Surely this approach has real merit to all involved? Especially the
customer.
Looking forward to your comments
-----------------------------------------------------------------
Edward Cracknell - <edward_at_SecurIT.net>
Independent Consultant with a cool domain-name!
Received on Dec 01 1997
Intro
