ietf
[Top] [All Lists]

Re: [Nea] WG Review: Network Endpoint Assessment (nea)

2006-10-07 10:49:13
At 01:42 AM 10/7/2006, Harald Alvestrand wrote:
<snip>
Many universities require their students to buy their own laptops, but prohibit certain types of activity from those laptops (like spamming, DDOS-attacks and the like). They would love to have the ability to run some kind of NEA procedure to ensure that laptops are reasonably virus-free and free from known vulnerabilities, and are important enough in their students' lives that they can probably enforce it without a complaint about "violation of privacy".

Just pointing out that there's one use case with user-managed endpoints where NEA is not obviously a bad idea.

My email ventures into a bit of non-IETF territory, but we are discussing use cases, and so I guess it's on topic. Universities should be the last places to try antics like NEA. Whereas an operational network would be a priority to them, it is also important that they allow students to experiment with new applications. If we are believing that general purpose computing will be taken away from college students, we are indeed talking about a different world.

In any event, the bottomline is NEA as a solution to "network protection" is a leaky bucket at best.

NEA at best *may* raise the bar in attacking a "closed" network where endpoints are owned and tightly controlled by the organization that owns the network.

Lakshminath


                   Harald


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>