[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] intrusion detection - benifits?
When I think about IDS'ing an internal network it isn't because I think all my employee's are untrustworthy. I want an internal IDS for two reasons: 1. I don't know every employee in the company and someone somewhere probably has enough knowledge and a chip on his shoulder to make my life miserable and 2. if someone makes it through my external IDS and firewall, I want to know what they are doing on my internal net. The internal IDS will allow it. It only takes one pissed off employee to break into a system, and since they already have authorized access to a lot of things it make their job easier and our job more difficult. It's just another tool for the job. Phil Oh and by the way, holding a gun to someone, is not an analogy of network security. We are not threatening employees. We are an enabler not a disabler. Our job is to protect their interests, not frighten them. This is not an issue that you are wrong. You do not have to IDS your internal net. It is simply added security. If it is a cost issue, then you simply document that and get sign-off on that decision. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|