[dns-operations] knot-dns
Roland Dobbins
rdobbins at arbor.net
Mon Dec 15 19:40:14 UTC 2014
On 16 Dec 2014, at 1:42, Mike Hoskins (michoski) wrote:
> You can acknowledge things aren't a panacea, while still deriving some
> benefits from them.
My point is that the negatives far outweigh the benefits in most
organizations.
> Monitoring/analytics (intelligence) is key, so the operator can
> intelligently control flows across their services based on risks and
> observed threats.
Yes, I'm a big advocate of this - but it's honored more in the breach
than in the observance, all in all.
Concentrating on telemetry and analytics, and in the people to utilize
same, makes a lot more sense than concentrating on software diversity,
in most organizations. Worrying about software diversity is something
to do after you've done just about everything else you can to improve
your security posture.
-----------------------------------
Roland Dobbins <rdobbins at arbor.net>
More information about the dns-operations
mailing list