Hello Brian and welcome to LQ.. Congrats on the newest..
I have a couple of questions if I may...
It still seems to me the greatest network weakness is the user...
Despite their desired "freedom", "privacy" & "rights", watching one of them click the "Happy99.exe" attachment in an email just 3 bare seconds after reading the hand-delivered warning memo has me installing a lot of "restrictive" preventative measures.
Or the user who installed a wireless network behind a gateway masquerading as his workstation...
I have gone down the line of installing inline proxies and servers to isolate users from the external world, e.g. HTTP content filters, antivirus-scanning POP, FTP & HTTP servers, and matching netfilter rules to log and drop anyone trying to circumvent them.
What have been your experiences with this kind of "inline filtering"?
There are admittedly many points to maintain, but have you seen any developments in this area?
A lot of companies only choose a reactive protection model in response to these weaknesses because they can see the immediate results.
Have you seen any trends for companies to behave proactively, without needing anyone to push the FUD/liability factor?
Do you see the Linux community as ready to satisfy this change?
Your comments on Hogwash have me quite inspired to add this in front of the public open services and to audit the services we are serving to get a view of what is considered acceptable to ask them to do.
Thanks!