mfmahler

Thank you, esther.

Well put, prowessa. No, you didn't divert from the article. Cloud has become a very interesting IT area, especially for information security. Cisco's CEO John Chambers commented in 2009 that cloud computing "is a security nightmare and it can't be handled in traditional ways." Now in 2014 we are still evolving our security…

jayson weiss Would you elaborate you thoughts on the open source, especially in information security?

garetht Ideally if the guest traffic can be sent to a different internet pipe or rate limit the guest traffic in the same internet pipe, that will be good. Otherwise, the internet bandwidth will take a hit and everyone is suffered, as Jim mentioned in his feedback here.

Aaron Denning Wow, you guys have really strict policy! I like it. I just wonder how many companies can actually enforce such a strict policy. Would you also share your MDM infrastructure?

Well put!!! And I believe that you understand the issues we face today. Thank you for sharing.

Thanks. Do you have any DDoS story to share?

Aaron Denning And the troublesome and time-consuming security / help desk procedure definitely scares people away unless they have "real" needs. BTW, thanks for sharing your MDM policy and procedure.

Yes, dwoj, it's there. Check it out on a NetFlow enabled switch/router.

Great post! I wasn't aware of the High Speed Logging until reading your post. When I put on my security hat, I wonder what would be the performance impact to the devices supporting HSL when under DDoS. Just a thought.

kevincrouch4 *Applause* Bravo! Bravo! *Applause*

jswan, good idea! Get security tools with multi-purpose and set up role-based access control. Even hopefully the costs can be shared by multiple departments. Yup, visibility and control. I hope no one, even for small businesses, would think that firewall alone is enough to protect the company.

Corey, that is cool! You are talking about being proactive here! And people can't lie about what's on the wire (network).

Well said, mbwalker. It all boils down to money and asking the simple question "How much is your data worth? To a competitor? To another country?" tends to get the attention of the C-level. Get your InfoSec right from the start!!!! It may cost you on the front end but it can save (your ****) on the back end! I think we are…

ttl Thank you for sharing these links. P.S. I like your username TTL.

kbthwack It's simple.

Usually it's hard to see the "cost saving" of the proper information security implementation, until too late. Think about the cost of credit report offerings of millions of your customers.

Thank you for your kind words.

Aaron Denning We use Cisco Prime, too. Both tools provide different functions. Show your Network Team this blog post. They may have a second thought about using NetFlow.

Thank you for the kind words, esther. I've learnt a lot from everyone's interactions and contributions here, too.

Thank you! How's your company prepare for and detect DDoS?

jayson weiss, apology accepted. We see open source everywhere, including enterprises. Does it save enterprise's money? Not really, if you add all costs, including manpower, together.

ZibaK Certainly more and more employers, big and small, have realized the importance and absolute necessity of the information security. In those organizations where data integrity and security are in highest priority, infosec folks are easier to come up with the requested budget.

That is great, mcam!

Jfrazier Yours is a good way to handle BYOD if the BYOD devices are treated as "guest" devices. Policies can also be applied to the BYOD network. Now, what about the BYOD devices need to be a part of internal network? The reason I ask is that one of the benefits of the BYOD is cost saving in company's assets. A company…

Jfrazier You are spot on for the local user groups! In this age of cyber activities, we need human interactions.

esther Are those devices that are allowed to access internal resources personal or company owned? Do you identify them with MAC address or require them to install MDM app?

byrona Thank you for sharing your thoughts and your company's "current" policy. I personally think its more cost effective overall for companies to just provide a company approved system (or a choice from a list of approved systems) with company approved software to all employees. I can see the way of the cost saving from…

You are welcome. As a user, I certainly want to secure my internet activities. But as an enterprise network security professional, I face the challenges of increasing encrypted traffic on the network.

bsciencefiction.tv Nice story. It's a balancing act because we are living in the budget constrains. The story of your folk remind me that our existence in an organization is to support the business needs of the organization. Banks, hospitals, research institutes, for example, have different business needs. As someone put…