On Oct 7, 2006, at 10:42 AM, Lakshminath Dondeti wrote:
At 01:42 AM 10/7/2006, Harald Alvestrand wrote:
<snip>
Many universities require their students to buy their own laptops,
but prohibit certain types of activity from those laptops (like
spamming, DDOS-attacks and the like). They would love to have the
ability to run some kind of NEA procedure to ensure that laptops
are reasonably virus-free and free from known vulnerabilities, and
are important enough in their students' lives that they can
probably enforce it without a complaint about "violation of privacy".
Just pointing out that there's one use case with user-managed
endpoints where NEA is not obviously a bad idea.
My email ventures into a bit of non-IETF territory, but we are
discussing use cases, and so I guess it's on topic. Universities
should be the last places to try antics like NEA. Whereas an
operational network would be a priority to them, it is also
important that they allow students to experiment with new
applications. If we are believing that general purpose computing
will be taken away from college students, we are indeed talking
about a different world.
In any event, the bottom line is NEA as a solution to "network
protection" is a leaky bucket at best.
NEA at best *may* raise the bar in attacking a "closed" network
where endpoints are owned and tightly controlled by the
organization that owns the network.
Services are currently offered that detect abnormal traffic, where
users are directed to scrubbing services suitable for ISPs or
universities. This is done through walled garden techniques. Once
remediation is completed, restrictions are removed. This does not
depend upon specific conformance standardization, but rather
specialized utilities loaded with a browser where restrictions are
also applied. When the system in question is not using a browser,
other methods of notification of a need for remediation are needed.
A standardized signaling of asserted conformance and a need for
remediation might be where this effort is best focused.
-Doug