Hi Gopi,
There are two approaches to this problem. One way is to go with the
Cisco Access Control Solution which would require any machine coming alive on
the network to go through a compliance check on things like Anti-Virus,Patches
etc. and if the machine is not compliant, then it would have a restricted
network behavior.
The other way is to go with Active/Passive Vulnerability scanners. These
products scan the machine for patch levels and vulnerabilities and generate
detailed reports. Number of products out there from companies like tenable,Eeye
and some also in the service model like Qualys. However, in this case you would
need to hook up the product with a patch management solution to automate the
whole process or individually go and install patches.
Thanks
Proneet.
------Original Message-----
From: Gopinath_Ramamoorthy@satyam.com [mailto:Gopinath_Ramamoorthy@satyam.com]
Sent: Monday, July 03, 2006 12:58 AM
To: focus-ids@securityfocus.com
Subject: IDS
Dear Team...
I have used few IDS in my network, doesn't found them working in the way i
wanted. My requirement is when there is a machine / laptop are connected to my
network, which is not updated with the current Patches, Security updates which
is being approved needs to be reported to the Sys admin and immediate necessary
steps would be taken. Is it possible to have this & if so suggest me the
options pls.
Regards,
Gopi
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
This e-mail and any documents transmitted with it are the property of SOUTHBank
F.S.B. ® and/or its subsidiary or affiliate companies, is confidential, and
intended solely for the use of the individual or entity the e-mail is addressed
to. If you have reason to believe that you have received this message in
error, please notify the sender and delete this message immediately from your
computer. Any other use, retention, dissemination, forwarding, printing, or
copying of this e-mail or attachments is strictly prohibited.
SOUTHBank, F.S.B. and/or its subsidiary or affiliate companies do not endorse
the use of unsolicited e-mail. If you believe this e-mail was sent to you in
error or you do not wish to receive these types of e-mail, please notify us by
forwarding this message to remove@southbank.com.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
