Hello Mr. Lukenbill, I also used to be a HAC employee on the HP3K, how are
things in KY?

I've been working on HP3Ks for 14 years and started as a simple operator.
 I've also worked in high security environments and am also impressed with
VESoft's SECURITY/3000 package.

I've never had any qualms about it being a 3rd party package, neither do I
have a problem being UDC based*.  There is nothing out there that replaces
"due diligence" on the part of Management.  Although I also think that
tools such as Security/3000 and VEAudit demonstrate to Management (and
auditors) that "due diligence" is being observed.  As a matter of fact, the
at one company I was at, the purchase of Security/3000 (and its use)
demonstrated to Deloitte & Touche enough for us to pass our corporate MIS
Audit.

As far as "high security" environments are concerned I'm sure VESoft
products will bring it up to level C2.  Level B1 is a definite maybe, I
just haven't met anyone that will admit it in an insecure area.

VESoft had a procedure for plugging certain network loopholes, I lost the
install for this procedure over time.  Does anyone remember it?