Finally, IDS has helped us keep tabs on acceptable-use policy violations, including the use of peer-to-peer file-sharing programs and online games, that consume our network bandwidth, hurt employee productivity and, in the case of file sharing of copyright-protected software and music, have the potential to cause legal problems.

I'll also point out that our IDS infrastructure is a great source of information when we need to troubleshoot problems with the network, applications or servers, since we can filter for certain types of traffic or IP addresses.

Beyond IDS

Similarly, I would like to expand our use of Tripwire Inc.'s change-control offering to all of our roughly 350 critical servers and network infrastructure. Although we have deployed Tripwire to only 15 or so servers, the alerting and reporting provide a wealth of knowledge regarding files that have changed over a period of time. Not only does that data help us with Sarbanes-Oxley Act compliance, but it also assists in configuration management and incident response.

And speaking of SarbOx, it continues to absorb a significant amount of time for me and my staff. I will detail the various activities associated with SarbOx compliance in an effort to get approval to add to the department's head count.