- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
Network World - Understanding exactly how SensorBase will affect an event's Risk Rating when Global Correlation Inspection is turned on is somewhat complicated. You have to pick a system-wide level, ranging from "permissive" to "standard" to "aggressive." Then, every time an event occurs where the IP address involved has a bad reputation, the Risk Rating will be bumped up by some amount.
Cisco engineers showed us an "internal use only" table that spells out how different reputations (which are on a scale from 0 to -10, with -10 being the worst possible reputation) and different levels selected will affect the Risk Rating, but told us that they don't plan to put this into the documentation quite yet. Their reason is that they wanted the ability to adjust the way the table operates as they gain more experience with combining reputation services and IPS signatures, and as they figure out the "right" increase in Risk Rating for each scenario.
Read more about security in Network World's Security section.