mfmahler

garetht I agree with you, too. I started my career as a web admin and I've seen more and more dependance on the internet, not only from businesses, but from daily life in general. Also as more and more business operations have been moving to public/private/hybrid clouds, internet service with backup that provides 100%…

We have more and more products and applications (for security or not) built based on the Open Source projects. The recent Heartbleed OpenSSL vulnerability had big impact even to security products and applications.

What about the BYODs on the network? Nowadays, they are as powerful as desktops in terms of their processing power.

Aaron Denning it's good to know that I am not alone . What you are experiencing happen to the IT folks in many organizations. See, Apple introduced enterprise support in iOS 8 this morning.

Well put, dwoj. I've found that infosec tools can be tested and learned with a decent laptop. Just be careful when connected to company's or home's network.

I would say that you added good points, too.

wbrown You are absolutely correct. IDS/IPS systems need fine-tuning. There is no one-fits-all set of rules. Every organization needs its own deployment for its particular environment. Even in the same organization, the web DMZ and internal user segments should have different IDS/IPS rules/policies.

Thank you, Corey! It's nice for you to go this route. Python becomes useful nowadays, not only for security, but also for network automation (SDN).

Totally agree with you, Kurt H. For web related traffic, we implement web proxy with WCCP, plus DLP with ICAP. The web traffic's visibility and control form there.