Badges

35 Points
5 Years

User Activity

About 2 years ago
Well, I have been looking at webinars and whitepapers and such for Palo Alto Prisma. It looks like a very complete, cutting-edge solution. Now I am not associated with Palo Alto at all, but I have heard Nir Zuk, the CEO of Palo Alto speak about his vision for security and it…
About 2 years ago
I agree with the users who mentioned Splunk. Splunk is a log message management platform, and they have an application called Splunk Enterprise Security. It can ingest AD, antivirus, door control systems, VPN gateways, etc., via the log messages they generate, and has…
Over 2 years ago
@reviewer1660839 Last I looked at ISE, and it has been a while, ISE uses lots of different licenses, and one user might consume several of them depending on what he is doing. Each license lasts for 1-3 years and costs money. Did Cisco ISE change that and now only has one…
Over 2 years ago
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1X. Cameras, badge readers, temp sensors, etc. would fall into this category. Then you have to leave the…
Over 2 years ago
So, IoT is not a specific technology. It simply refers to "things" that are NOT operated by human beings. So, surveillance cameras, door control, sensors, valve and flow controllers, things like that are TCP/IP network connected, and can be communicated with but in general…
Almost 3 years ago
The biggest issue with IoT for 2021 and forward is rogue/unauthorized devices. They are extremely vulnerable to exploitation and hard to detect. The only answer to this I can think of is having a NAC to prevent and control their connection to the network. We are currently…
Over 3 years ago
Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unauthorized devices very quickly. But it has a lot of capabilities and really would take at least one person dedicated to train up in Forescout, plus a backup…
Over 3 years ago
The biggest single mistake I see businesses making in monitoring cyber threats is relying on humans to check these threats manually. This is a big mistake and a waste of human capital. Humans are prone to error, and the large number of threat warnings that inevitably show up…
Over 3 years ago
No single product will detect all vulnerabilities. That is why in security we use the concept of "defense in depth". So for example, on the outside of the network, at the Internet/Enterprise edge, we should have a Next Generation Firewall (NGFW). Palo Alto or Cisco Firepower…
About 4 years ago
I am not sure how LogRhythm would be less expensive than Splunk. Splunk charges licensing by the GB of incoming logs. LogRhythm sells an appliance and it has a certain capacity. If you want more capacity you need an additional appliance. Splunk you add additional indexers…
Over 4 years ago
Answered a question: What Is SIEM Used For?
Security Incident and Event Management (SIEM) is an automated way to detect patterns that might indicate a security incident. Usually, the SIEM product will collect logs from all the networking devices and resources in an environment, and use AI or other logic to correlate…
Almost 5 years ago

Reviews

Answers

About 2 years ago
Security Information and Event Management (SIEM)
Over 3 years ago
Network Access Control (NAC)
Over 4 years ago
Security Information and Event Management (SIEM)

Comments

About me

18 years experience with routing, switching, voice, wireless, security, storage, and NMS. Cisco and Splunk certifications.