http://infosecplace.com/blog/2006/08/11/my-nac-happy-week-chime-in-please-give-me-remediation/ Commentary on the State of Information Security Thu, 02 Feb 2012 20:22:19 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://infosecplace.com/blog/2006/08/11/my-nac-happy-week-chime-in-please-give-me-remediation/comment-page-1/#comment-379 Sam Tue, 15 Aug 2006 22:16:46 +0000 http://infosecplace.com/blog/2006/08/11/my-nac-happy-week-chime-in-please-give-me-remediation/#comment-379 I think remediation is a pretty tall order in terms of technology and producing it within a NAC solution. The partnering route is probably a good idea (as long as the integration really dioes work) because it leaves the patching experts to do their thing and the NAC experts to do their thing. That is not to say that perhaps we might see some consolidation of some sort in that area (i.e. patch management company acquiring a NAC company or a NAC company OEMing a patch tool). There are some great solutions on either front so it would be hard to justify writing a new tool from scratch to complement the other. I think remediation is a pretty tall order in terms of technology and producing it within a NAC solution. The partnering route is probably a good idea (as long as the integration really dioes work) because it leaves the patching experts to do their thing and the NAC experts to do their thing. That is not to say that perhaps we might see some consolidation of some sort in that area (i.e. patch management company acquiring a NAC company or a NAC company OEMing a patch tool). There are some great solutions on either front so it would be hard to justify writing a new tool from scratch to complement the other.

]]> http://infosecplace.com/blog/2006/08/11/my-nac-happy-week-chime-in-please-give-me-remediation/comment-page-1/#comment-359 Alan Shimel Fri, 11 Aug 2006 20:48:39 +0000 http://infosecplace.com/blog/2006/08/11/my-nac-happy-week-chime-in-please-give-me-remediation/#comment-359 Michael - sorry if this is a long one and I will fully respond on my blog. First of all thanks for the kind words about StillSecure and I. We think SafeAccess is a great product and one of the most full featured in the NAC market. I of course would be interested in who you spoke to today but understand you not naming names. On the remediation front, I agree with you. Self-remediation frankly stinks and is not a great solution for non-IT users. Currently Safe Access itself has a full set of API's that allow it to work with many 3rd party patch managers including Citadel Hercules, Big Fix, MS SMS, etc. However, we are looking at some very interesting alternatives as well. That is as much as I can go into here, but suffice to say we agree with you and are doing something about it. BTW, the integration with patching is pretty tight in Safe Access. Michael – sorry if this is a long one and I will fully respond on my blog. First of all thanks for the kind words about StillSecure and I. We think SafeAccess is a great product and one of the most full featured in the NAC market. I of course would be interested in who you spoke to today but understand you not naming names. On the remediation front, I agree with you. Self-remediation frankly stinks and is not a great solution for non-IT users. Currently Safe Access itself has a full set of API’s that allow it to work with many 3rd party patch managers including Citadel Hercules, Big Fix, MS SMS, etc. However, we are looking at some very interesting alternatives as well. That is as much as I can go into here, but suffice to say we agree with you and are doing something about it. BTW, the integration with patching is pretty tight in Safe Access.

]]>