inignoct wrote:
] anyone else think this kind of thing should be the
] responsibility of the vendor?
]
] isn't this kinda like solving the problem of pollution by
] issuing filter masks, instead of fixing the factory?

Well, the reality is that there is an established computer security industry that offers security products. These programs are often seen as preferable to vendor solutions because security updates to vendor software usually include other bug fixes that can break production systems. Even if all of the software vendors completely separated computer security patching from their other patching, and did all of their patching online automatically, it would still be possible to misconfigure your system in such a way that it would be insecure.

I could see the tool they are talking about here being useful even in a vendor perfect environment. If you haven't applied the latest patches, then you can't connect to the network. School dorms, and other large, open networks would benefit greatly from such a technology.

RE: Cisco security initiative / 4 major firms working to head off Net attacks