Comments on: Buying best of breed versus bundled services http://www.tssci-security.com/archives/2007/09/10/buying-best-of-breed-versus-bundled-services/ top secret/secure computing information Sat, 11 Oct 2008 12:50:37 +0000 http://wordpress.org/?v=2.2.3 By: dre http://www.tssci-security.com/archives/2007/09/10/buying-best-of-breed-versus-bundled-services/#comment-1648 dre Wed, 12 Sep 2007 15:20:47 +0000 http://www.tssci-security.com/archives/2007/09/10/buying-best-of-breed-versus-bundled-services/#comment-1648 You setup two Windows domains: one for servers and one for clients. Your server Windows domain gets BigFix. The client domain gets Symantec. Then you follow the Matasano <a href="http://www.matasano.com/log/646/matasano-security-recommendation-001-avoid-agents/" rel="nofollow">advice</a>. Marcin, I know that you and I have talked about DLP "soft" measures such as honeytokens, digital watermarking, and clipping services. My primary "hard" answer to the DLP problem will continue to be "thin clients" (see: http://safebook.net for a laptoppy thin client), but other possible answers include "whole disk encryption" and "epoxy USB ports". Make sure you tell your agent vendors that you are giving them the whole piece of the pie. Make it look like you're bundling. Consider other incentives as alternatives to bundling. I describe a lot of how this works on the SecurityIncite blog <a href="http://securityincite.com/blog/mike-rothman/2007-doi-day-1-get-with-the-program#comments" rel="nofollow">here</a>. You setup two Windows domains: one for servers and one for clients. Your server Windows domain gets BigFix. The client domain gets Symantec. Then you follow the Matasano advice.

Marcin, I know that you and I have talked about DLP “soft” measures such as honeytokens, digital watermarking, and clipping services. My primary “hard” answer to the DLP problem will continue to be “thin clients” (see: http://safebook.net for a laptoppy thin client), but other possible answers include “whole disk encryption” and “epoxy USB ports”.

Make sure you tell your agent vendors that you are giving them the whole piece of the pie. Make it look like you’re bundling. Consider other incentives as alternatives to bundling.

I describe a lot of how this works on the SecurityIncite blog here.

]]> By: LonerVamp http://www.tssci-security.com/archives/2007/09/10/buying-best-of-breed-versus-bundled-services/#comment-1643 LonerVamp Mon, 10 Sep 2007 20:01:58 +0000 http://www.tssci-security.com/archives/2007/09/10/buying-best-of-breed-versus-bundled-services/#comment-1643 Probably want to rank those three items. I'd rank anti-spyware below the other two. I'd then say absence of one is cause for concern, and I'd still make AV a hair more important than PF. So I'd lean towards whatever does AV the best and PF second. In more general terms, get the best for the most important tasks. I'd rather get a product that does AV/PF well and get something else for AS, as opposed to getting something that is pitiful with AS... I dunno how to generalize that further without looking at the business in question, the risks, the current environment, and their budget. :( Probably want to rank those three items. I’d rank anti-spyware below the other two. I’d then say absence of one is cause for concern, and I’d still make AV a hair more important than PF. So I’d lean towards whatever does AV the best and PF second.

In more general terms, get the best for the most important tasks. I’d rather get a product that does AV/PF well and get something else for AS, as opposed to getting something that is pitiful with AS…

I dunno how to generalize that further without looking at the business in question, the risks, the current environment, and their budget. :(

]]>