[177783] in North American Network Operators' Group
RE: Checkpoint IPS
daemon@ATHENA.MIT.EDU (Matthew Huff)
Thu Feb 5 12:56:02 2015
X-Original-To: nanog@nanog.org
From: Matthew Huff <mhuff@ox.com>
To: Roland Dobbins <rdobbins@arbor.net>, "nanog@nanog.org" <nanog@nanog.org>
Date: Thu, 5 Feb 2015 17:55:53 +0000
In-Reply-To: <EFC9FE9C-D13D-47ED-B92E-87D060B0A8B5@arbor.net>
Errors-To: nanog-bounces@nanog.org
What if you are a hosting company and those aren't your servers to patch?
What about the time to patch 200+ servers versus configuring one location?
What if you have to schedule the staff and maintenance window to patch the =
servers?
What if you have legacy equipment that you must continue using, but the ven=
dor is slow to provide the patch.
There is a huge difference in what is good network/security designs between=
content providers, transit networks, eyeball networks, corporate networks,=
universities, etc... One size doesn't fit all.
----
Matthew Huff=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 | 1 Manhattanville Rd
Director of Operations=A0=A0=A0| Purchase, NY 10577
OTA Management LLC=A0=A0=A0=A0=A0=A0 | Phone: 914-460-4039
aim: matthewbhuff=A0=A0=A0=A0=A0=A0=A0 | Fax:=A0=A0 914-694-5669
-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Roland Dobbins
Sent: Thursday, February 5, 2015 12:48 PM
To: nanog@nanog.org
Subject: Re: Checkpoint IPS
On 6 Feb 2015, at 0:38, Raymond Burkholder wrote:
> There must some sort of value in that?
No - patch the servers.
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
