
RE: [Nea] WG Review: Network Endpoint Assessment (nea)

2006-10-08 10:15:42
 

-----Original Message-----
From: Lakshminath Dondeti [mailto:ldondeti(_at_)qualcomm(_dot_)com] 
Sent: Saturday, October 07, 2006 10:43 AM
To: Harald Alvestrand; Narayanan, Vidya
Cc: nea(_at_)ietf(_dot_)org; iesg(_at_)ietf(_dot_)org; ietf(_at_)ietf(_dot_)org
Subject: Re: [Nea] WG Review: Network Endpoint Assessment (nea)

At 01:42 AM 10/7/2006, Harald Alvestrand wrote:
<snip>
Many universities require their students to buy their own laptops, but
prohibit certain types of activity from those laptops (like spamming,
DDOS-attacks and the like). They would love to have the ability to run
some kind of NEA procedure to ensure that laptops are reasonably
virus-free and free from known vulnerabilities, and are important
enough in their students' lives that they can probably enforce it
without a complaint about "violation of privacy".

Just pointing out that there's one use case with user-managed endpoints
where NEA is not obviously a bad idea.

My email ventures into a bit of non-IETF territory, but we are
discussing use cases, and so I guess it's on topic. Universities
should be the last places to try antics like NEA. Whereas an
operational network would be a priority to them, it is also important
that they allow students to experiment with new applications. If we
are believing that general purpose computing will be taken away from
college students, we are indeed talking about a different world.


I agree. Even in a controlled environment, there is bound to be
software/hardware that does not quite support NEA or specific posture
attributes. In a university environment, while some basic posture
reporting is feasible, there is bound to be a lot of software/hardware
that does not support any NEA parameters. The protection that even the
endhost may be getting from NEA is quite limited. 


In any event, the bottom line is NEA as a solution to "network
protection" is a leaky bucket at best.


The charter must be clarified to dispel this myth about NEA protecting
the network from anything.  

Vidya


NEA at best *may* raise the bar in attacking a "closed" network where
endpoints are owned and tightly controlled by the organization that
owns the network.

Lakshminath


                   Harald


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf



