Saturday, February 18, 2006

Cisco Security Agent

Cisco Security Agent is probably one of the best host intrusion prevention technologies on the Windows platform. It policy driven that resides in kernel memory monitoring API calls and reduces some of the overhead that Symantec AV does not. It is not definition driven at all and takes security to a whole different level by actually preventing unknown/known attacks without requiring patching. Here are some case studies demonstrating its track history.

Cisco CSA Deployment Best Practices

Deployment guide

No comments: