A security manager describes nightmares related to information security management and is sure that such bad dreams reflect his concerns over a lack of control, even though a disaster has not occurred. He dreads the possibility that he might have to notify customers that personal information has been exposed, or tell others that the network is owned. To eliminate the dreams, he will have to make some changes. He started by telling his boss that he wanted full control over all network security operations, including firewall, virtual private network (VPN), router, and domain access administration. He also wants more people and tools and an organizational change. Policy is not an issue, nor are process and procedure, including Sarbanes-Oxley. He wants to be able to do what is needed to secure information assets.

What brought the issues to a head was the fact that, even though security enhancements and improvements are in the works, the security manager and others have no idea what is really going on in the network. For instance, the network intrusion detection system (NIDS) is capable of seeing only half of all network traffic because port spanning is used. What is needed is a way to tap into network traffic. The solution had to be able to aggregate full-duplex traffic onto one data stream that the NIDS, which is based on Snort, could use. A port aggregator tap was chosen after going online to Talisker Security Wizardry. The taps are to be placed at the firewall and the DMZ, to monitor WAN traffic, and to monitor critical LAN segments. The cost may be high, but a fully functional, effective product is worth the price. A serious concern was discovered with the port aggregator tap and was resolved. Therefore, the budget could also be adjusted to include the solution. However, management still has to be convinced that network security is a matter for serious concern.