Re: [Nea] WG Review: Network Endpoint Assessment (nea)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

At 01:46 AM 10/16/2006, Leif Johansson wrote:

Lakshminath Dondeti wrote:
> At 01:42 AM 10/7/2006, Harald Alvestrand wrote:
>>> <snip>
>> Many universities require their students to buy their own laptops,
>> but prohibit certain types of activity from those laptops (like
>> spamming, DDOS-attacks and the like). They would love to have the
>> ability to run some kind of NEA procedure to ensure that laptops are
>> reasonably virus-free and free from known vulnerabilities, and are
>> important enough in their students' lives that they can probably
>> enforce it without a complaint about "violation of privacy".
>>
>> Just pointing out that there's one use case with user-managed
>> endpoints where NEA is not obviously a bad idea.
>
> My email ventures into a bit of non-IETF territory, but we are
> discussing use cases, and so I guess it's on topic.  Universities
> should be the last places to try antics like NEA.  Whereas an
> operational network would be a priority to them, it is also important
> that they allow students to experiment with new applications.  If we
> are believing that general purpose computing will be taken away from
> college students, we are indeed talking about a different world.
>
> In any event, the bottomline is NEA as a solution to "network
> protection" is a leaky bucket at best.
>
> NEA at best *may* raise the bar in attacking a "closed" network where
> endpoints are owned and tightly controlled by the organization that
> owns the network.
>
Lets not forget that when (not if) NEA/NAP/NAC is deployed the IDSen
people have deployed today to
solve the lying-client-problem by scanning for common/current
vulnerabilities as part of the network admission
process will have to interface with PDPs part of a NEA intfrastructure.
Could you rephrase please? I am afraid I don't understand what you are saying.
Oh, and lying endpoint problem cannot be solved by scanning for common vulnerabilities! In fact, the two have no relation whatsoever. 

Lakshminath



    Cheers Leif



_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]