Comments
-
rharland2012 Thank you for sharing your story! It's awesome to resolve a long-time issue in a matter of minutes! Yes, it does require skills and understanding of the technology, plus having the right tool(s). As jswan stated, it also needs knowledge of the network topology. You are good.
-
@byrona I'm encouraged that the information I shared is useful to others. Thank you for taking time to leave feedback here. I heard someone describing the difference between the regular IT folks and the infosec folks. IT folks make the life of people in a company easier while infosec folks make that harder. I don't know…
-
Thanks for participating here. Did you experience DDoS mitigation?
-
kevincrouch4 Is it that easy? I'm curious. Would you elaborate? Thanks.
-
Thank you, cahunt and thanks for stopping by.
-
Food for thought for you, syldra. Even though you said your organization was small (actually it doesn't matter whether small or large), imagine you can automate the visibility and control. We are in the process of linking the Asset Management with the MDM and the NAC.
-
cahunt It looks like you have this BYOD under control. How many persons in the team(s) does your organization have to deploy, implement, and maintain this infrastructure and these policies?
-
esther It looks like we are on the same page. Do you have some stories to share?
-
cahunt Thank you for sharing your valuable behind-the-scenes information. It's big, just like Texas.
-
dwoj Agree. You guys have the same policy?
-
matthew.andress Actually, thank you for sharing your thoughts here. Our fundamental concept of information security has remained pretty much the same over the past 10 years (stop the bad guys from outside and from within). But, boy, the infosec landscape has changed so tremendously in the same period. You are right, the…
-
Rate limiting...
-
100% agree with you on defense in depth. For the soft chewy center, even if we put the shiny IPS/NGFW there, we'll have zero visibility to encrypted traffic. If you haven't seen my last year's post, Winning The Loser's Game of Information Security, you may want to check it out.
-
Excellent! Companies, no matter what the size, should seriously consider adding DDoS mitigation service provided by the service providers, if the companies' businesses rely on the presence on the internet. You just want the attacks to be stopped before they hit the wire of your internet presence. Thank you for sharing from…
-
ecklerwr1 That's an awesome NetFlow use case!
-
I can't wait to get rid of SNMP from my networking/network security devices and move 100% to NETCONF. It's still scary to remember that OpenView once brought down our internet when it SNMP walked our internet router.
-
jswan Good info and well said, as always! You pointed out the key of NetFlow which is interface-oriented. If the network is done by consultants, detailed documentation should be in SOW. If no detailed documentation is delivered, no payment.
-
esther I'm glad that the information is useful to you.
-
dwoj Do you agree that, whether spending on the front end or on the back end, it won't be cheap?
-
Jfrazier Yeah, it's a good and simple (not weak) solution. And exceptions can be granted to VIPs' personal devices. The policies go from there.
-
Kurt H, absolutely and agreed!
-
Thank you, cahunt! I'm curious about your thoughts on NetFlow being spotty.
-
michael stump, that's an interesting shift in the policy. I wonder what was the driving force behind the shift. I've seen organizations receive notices of copyright infringement from time to time because devices connected to the guest network were caught downloading copyrighted stuff with P2P. Yes, IPS didn't catch…
-
kevincrouch4 That makes sense and it seems like a tradeoff. Then the identification portion needs to be improved and strengthened. Do you have any suggestions?
-
Thank you, Jim; I'm glad that you enjoyed the content I put up. I also want to say thank you for taking time to share your thoughts here, too. Without going to hacker sites, you may want to check the excellent Hacking Exposed series to learn the hackers' minds.
-
Jim, thank you for stopping by here! You know what? You can sell the NetFlow solution to the security departments and the CIO, and get more budget to upgrade/expand the NetFlow system. Then NetFlow integrates to AD. The NetFlow feeds to the SIEM. Wow!
-
Thank you, Aaron Denning. Hope the information is useful to you.
-
Haha!
-
kevincrouch4 Agreed. Some vendors found it a pain in the neck to implement device control on Apple's iOS devices, but they have workarounds.
-
belthasarx No problem. Today has been crazy since the morning for me, too. Thank you for sharing your encouraging story! It's awesome that your upper management realized the importance of the security and expanded the security team.