Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kinder, Gentler Security Scans?

Posted by Cliff on from the but-the-hackers-won't-send-a-memo dept.

klausner asks: "I'm working at a large company that is trying to be more thorough about things like network security scanning. When Security told Operations they were planning to do this, there were immediate screams of anguish, and insistence that scans could only be done in the maintenance window, only with prior notice, and with a bunch of other restrictions. Needless to say, this is less than ideal. Given the size of the network, it would take weeks to do a single scan set. However, it is reasonable to take steps to ensure that the scans do not interrupt business traffic, or cause undesirable side effects like crashing target systems. What sort of limits are the readers out there using to ensure safe scanning? Limiting the bandwidth to a fixed percentage? Limiting the number of simultaneous tests? What other kinds of things can I do to limit the scans effect on network performance?"

2 of 54 comments (clear)

  1. What are your companies priorities by MerlynEmrys67 · · Score: 4, Insightful
    Ok, does security have a priority at your company... Of course it does, doesn't it - No, I mean REALLY have a priority. Do you have a mandate to shut anything down that doesn't follow a certain policy, why isn't monitoring in that policy.

    Security is a range, it isn't a switch. If maximum compute power is of upmost important to you - go ahead, turn off all your virus scanners, personal firewalls, etc. . However, if you need security - turn those services on, monitor their compliance, and take the overhead that it requires.

    Scanning for security vulnerabilities at night won't do you any good if the PHB takes his laptop home w/ him, or joe user powers off his virus ridden PC every night before heading home. You must scan during the day (again, if that is important to your business).

    --
    I have mod points and I am not afraid to use them
  2. Restrictions by lightspawn · · Score: 4, Funny

    When Security told Operations they were planning to do this, there were immediate screams of anguish, and insistence that scans could only be done in the maintenance window, only with prior notice, and with a bunch of other restrictions.

    Just make sure Operations let the crackers know about these restrictions as well, and you'll be fine.