I'd say IOS isn't just the software that runs their routers and so on, IOS is behind a product portfolio and provides Cisco with a vendor lock-in strategy (for want of a better phrase)...

Firstly, IOS is the operating system but on top of that, they can sell IOS as an individual product (even if it only comes bundled with other ones, it's good material for the marketing department) and they also have the numerous Cisco certifications that revolve around (or heavily involve) the usage of IOS.

Secondly, the lock-in thing. You train up a load of engineers to use just IOS for routers and of course the next time kit needs replacing those engineers (or their managers) will instinctively go for Cisco kit because no re-training is required. That is, of course, unless some other provider offered a product that touted benefits that outweighed these retraining costs... but I think that unlikely.

This is just an attempt by the Guardian to steal the thunder of the Daily Telegraph, who have been at the centre of this by publishing uncensored figures.

And what's the point of 'investigating' this stuff when we know the Telegraph has all the answers? Well, I'm sure the guys at the Guardian will publish the results of their so-called 'investigations' when the Telegraph release the rest of their data...

Hey, the Times isn't like the Sun, ok. :/

Did you figure that out all by yourself, or did you do something as unslashdot-like as read the title ?

Here, here - this story is old.

Link: here.

Ah, you must be new here. Welcome to Slashdot ;)

Er, I should add that I totally agree with your point about the ease of management - this is definitely a benefit, particularly in smaller businesses (the cost of a UTM is also lower than that of separate IDS/firewall/anti-virus/etc appliances).

My point was just that from the technical perspective is isn't optimal. Realisticly, it is a good compromise for those who can't afford/don't need anything better.

Multiple security controls, yes, but these must be independent.

If I have a firewall and an IDS on the same machine, and someone exploits a hole in the TCP stack or the IDS to get local root/admin priviledges, they then have control of not only the firewall but also the IDS. If I have two separate machines, a firewall and an IDS, if one gets compromised it does not affect the other.

Thinking about it, the way to get around it in the case of a UTM is to use VMs for each task, but that will have a hit on performance presumably, as well as integration and thus usability.

This was in BBC news at the beginning of the week! Come on, Slashdot!

You are comparing apples and oranges. DVD-Rs and flash drives are aimed at different markets. How many movie players do you see with SD/USB slots? How many people carry powerpoint presentations and other odd documents on DVDs?

> He also talks about what it's like to be one of the most often-targeted DDoS sites on the planet.

Microsoft.com is a DDoS site? I knew it! All this time they have secretly been DDoSing their competitors and customers alike to achieve world dominance.

If you have any caching proxies on your network or your ISP has any transparent caches (many do nowadays), that might affect things.

Also, has the Acid3 site been slashdotted? :)

> Enormous economic and security benefit.

Until your central database gets hacked, or those managing it are bribed into submission by some dubious third party for political or commercial gain.

In theory it sounds like a perfect system, but in reality you need decentralisation to get over the fallen nature of humans - the internet is a good example.

Given that IBM has built a lot on Java, I wonder if, now that Oracle controls Sun, IBM will consider forking it? (They then start using their fork, thus retaining control of the platform...)

I don't think that'd be a good thing but if Java is open source it could happen...

Did anyone else see the headline and thought it said 'IBM Withdraws $78 offer for Sun Microsystems'?