Back Ground: I come from a company of 5K users spread across a large campus with several remote sites. We have had various worms intrude on our day to day activities. Without anything other than up to date anti-virus and some simple PIX type configurations it has been unpleasant. Time cost: One attack slowing Internet traffic to a crawl. Manpower: 2-3 Network 2-3 Data fairly dedicated over the course of a few days. Do the math for the cost of 6 senior people finding and cleaning infected machines. Quotes todate to implement a NIDS solution that encompasses external, DMZ, internal, server farms, 6 mid range devices 100K. Quotes on HIDS solutions vary as per desktop and server but basically you are looking at 1-2K per server and 50-80 dollars per desktop licence. Kim
From: sgorman1@gmu.edu Date: 2003/11/13 Thu AM 09:35:47 EST To: nanog@merit.edu Subject: Cost of Worm Attack Protection
I was hoping to get some estimates from folks on the costs of defending networks from various worm attacks. It is a pretty wide open question, but if anyone has some rough estimates of what it costs per edge, manpower vs. equipment costs, or any combination thereof it would be of great assistance. We are doing some simulations of attack and defense strategies and looking for some good metrics to plug into a cost benefit model. We'd be happy to share the results if anyone is interested as well.
Thanks in advance,
sean