Comments on: SOC in China http://sbin.cn/blog/2006/03/17/soc-in-china/ Technologies and comments on cloud and telecom security, bridging China and the world! Mon, 05 Mar 2012 09:33:01 +0000 hourly 1 http://wordpress.org/?v= By: romemeteor http://sbin.cn/blog/2006/03/17/soc-in-china/comment-page-1/#comment-265 romemeteor Thu, 06 Apr 2006 10:32:12 +0000 http://sbin.cn/blog/?p=208#comment-265 hi, joe, first Cisco Systems' Network Admission Control (NAC) and Microsoft's Network Admission Protection (NAP) initiatives will frisk any PC that wants to attach to your network. NAC and NAP cooperate with third-party software to check for the presence and status of antivirus and personal firewall software, report on the configuration of the machine, and look for patches. PCs that meet your standards gain entry; others can be denied access or shunted to safe (or restricted) network segments for remediation. In fact, it is really looked more like a Terminal Security Schema than anything else. and hi2005, although SOC refers to Security Operations Center, mainly based on SIM products, in fact, IT IS STILL A TOOL SUITE to provide CSO's decision proof. In other word, it should be served with CIO, CSO's decisions. That is the key to manage a good security infrastucture. Maybe, good idea is more important than some other security planform or tools. So if we could make use of the information(ie. logs, IDs, Statiscs, etc), dig the secret behind these data and orgazine them with our own style, we've got a really new world. Finally, I do want to express my opinion: Why Use IT? Why Risk IT? Why Secure IT? Why Manage IT? Why Break IT? Why Acquire It? ...... Who could answer these questions ? :) ps: romemeteor@Shanghai hi, joe, first Cisco Systems’ Network Admission Control (NAC) and Microsoft’s Network Admission Protection (NAP) initiatives will frisk any PC that wants to attach to your network. NAC and NAP cooperate with third-party software to check for the presence and status of antivirus and personal firewall software, report on the configuration of the machine, and look for patches. PCs that meet your standards gain entry; others can be denied access or shunted to safe (or restricted) network segments for remediation. In fact, it is really looked more like a Terminal Security Schema than anything else.

and hi2005, although SOC refers to Security Operations Center, mainly based on SIM products, in fact, IT IS STILL A TOOL SUITE to provide CSO’s decision proof. In other word, it should be served with CIO, CSO’s decisions. That is the key to manage a good security infrastucture. Maybe, good idea is more important than some other security planform or tools.
So if we could make use of the information(ie. logs, IDs, Statiscs, etc), dig the secret behind these data and orgazine them with our own style, we’ve got a really new world. Finally, I do want to express my opinion:
Why Use IT? Why Risk IT? Why Secure IT? Why Manage IT? Why Break IT? Why Acquire It? ……

Who could answer these questions ?
:)
ps: romemeteor@Shanghai

]]> By: hi2005 http://sbin.cn/blog/2006/03/17/soc-in-china/comment-page-1/#comment-264 hi2005 Tue, 21 Mar 2006 05:30:28 +0000 http://sbin.cn/blog/?p=208#comment-264 hi, Joe, i am afraid that there might be some differenct between your SOC and mine. Here SOC refers to Security Operations Center, mainly based on SIM(security information management) products, and enhanced with trouble ticket system, assets management, vulnerability management and security monitoring and etc. The major players in this area are CA, Arcsight, netForensics, IBM, Symantec, and etc. please refer to the following diagram at: http://www.flickr.com/photos/zhaol/115698640/ hi, Joe, i am afraid that there might be some differenct between your SOC and mine. Here SOC refers to Security Operations Center, mainly based on SIM(security information management) products, and enhanced with trouble ticket system, assets management, vulnerability management and security monitoring and etc. The major players in this area are CA, Arcsight, netForensics, IBM, Symantec, and etc. please refer to the following diagram at:

http://www.flickr.com/photos/zhaol/115698640/

]]> By: JOE JOE HUANG http://sbin.cn/blog/2006/03/17/soc-in-china/comment-page-1/#comment-263 JOE JOE HUANG Tue, 21 Mar 2006 03:16:38 +0000 http://sbin.cn/blog/?p=208#comment-263 There are 3 major players in SOC: Cisco NAC, Microssoft NAP and Juniper's Infranet. It seems market will force these three heads to cooperate. What's your comment on this? If not, who will dominate eventually? There are 3 major players in SOC: Cisco NAC, Microssoft NAP and Juniper’s Infranet. It seems market will force these three heads to cooperate. What’s your comment on this? If not, who will dominate eventually?

]]>