The budget is right but it's more of a skill and resourcing issue. The team that handles security policy is not "IT" and the Infrastructure team handles actual security.
In my experience, the challenges don't usually lay around having enough tools and resources as much as having a well-defined process that is then consistently used.
Too many silos even though budget is not an issue.
Budgetary constraints are only half the issue, The challenge lies where the responsibility demands attention, many just ignore the reality and go forth as if there is nothing wrong or threatening. It is a ubiquitous challeng for staff as well as the C-level folks for balance.
I think I see and agree with one of the common themes - time. Even with good upfront processes, its a never ending slugfest to remediate security and get other stuff done.
Vulnerability is even more esoteric than threat and most organizations seem to put vulnerability management into t category of "we'll get to it."
Second the budget thing. We have bought so many new tools recently, but do we really know how to use them all. debatable.
\m/
Cisco ASR Devices.pollerCisco ASR Devices
SWQL is built on the framework of SQL and as such supports most of the standard clauses as part of a query. A very simple example query is: SELECT Caption, IPAddress, Vendor, ResponseTime FROM Orion.Nodes Dissecting this query is relatively straightforward: show some fields (Caption, IP address, Vendor, and Response Time)…
Active SSL Tunnels-ASA.UnDPThis poller *should* display the number of Active SSL VPN (Anyconnect) Tunnels currently connected to your box. However, I tried it with my 5520 running 8.0.4 and for some reason I get a OID Not Supported. Here's my post in the forum: *EDIT* This is confirmed working with at least Interm release…
HP ProCurve Switches Hardening check.xmlGeneral hardening for HP switches
