James Simpson wrote:
> Is anyone using the nessus component to do end point compliance?  Is it
> as effective as using the agent to ensure compliance?
> (I ask because my assumption is that in this day of host firewalls the
> scans would be futile but I would love to be told otherwise)

We've been running just the Nessus checks since we first implemented
Perfigo at Oberlin. Until recently, we've been successful in the
assumption that if the Windows firewall was working, the computer behind
it was acceptably protected.

Of course, in recent months it's become clear to everyone that we need
greater visibility into the endpoint machine, and will be migrating to
an agent-based implementation over the summer. We want to be able to
identify and react as quickly as possible to click-through or drive-by
infections, and it appears that might best be achieved with a local agent.

-- 
Celebrating the 200th anniversary of Darwin's birth,
and the 150th anniversary of the publication of the Origin of Species.
-- Cal Frye, Network Administrator, Oberlin College
   Mudd Library, x.56930 -- CIT will NEVER ask you for your password!

   www.calfrye.com,  www.pitalabs.com

"It is dangerous to be right when the government is wrong." --Voltaire.