Originally Posted by anaigini45
We have about 200 - 300 production web servers.
And how mission critical are these production servers?
What is the risk management profile of each one of them?
If they have a "high risk" profile if not available, the approach is different.
For example are all 300 web servers running the same application(s) and they are in a huge network of redundant web servers?
Or all all 300 web server running different applications, each with a different risk management profile?