My company has recently deployed Cisco Security Agent to most of our User enviroment. There seems to be some confusion at my organization of who should be handling the day-to-day operation of CSA, which includes:
- Modifying group policies
- Looking in the Event logs to find problem PCs
- making sure PC's are in the right group.
- moving people in and out of groups.
Our NOC was orginally supposed to run these task per the project. We have had our Info. Sec. team involved since day one of the project. From my thinking I believe that our Info. Sec. dept should handle these daily tasks and it shouldn't involve our NOC.
Can anyone please shed light on what other companies are doing with CSA. Is the info sec dept in charge of these daily task or a NOC. Any input would help so that I can portray what other organizations are doing to my management.