ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Nea] WG Review: Network Endpoint Assessment (nea)

2006-10-08 12:26:56
from [Harald Alvestrand] [Permanent Link] 
Lakshminath Dondeti wrote:

At 01:42 AM 10/7/2006, Harald Alvestrand wrote:

<snip>
Many universities require their students to buy their own laptops, but prohibit certain types of activity from those laptops (like spamming, DDOS-attacks and the like). They would love to have the ability to run some kind of NEA procedure to ensure that laptops are reasonably virus-free and free from known vulnerabilities, and are important enough in their students' lives that they can probably enforce it without a complaint about "violation of privacy".
Just pointing out that there's one use case with user-managed endpoints where NEA is not obviously a bad idea.
My email ventures into a bit of non-IETF territory, but we are discussing use cases, and so I guess it's on topic. Universities should be the last places to try antics like NEA. Whereas an operational network would be a priority to them, it is also important that they allow students to experiment with new applications. If we are believing that general purpose computing will be taken away from college students, we are indeed talking about a different world.
In any event, the bottomline is NEA as a solution to "network protection" is a leaky bucket at best.
NEA at best *may* raise the bar in attacking a "closed" network where endpoints are owned and tightly controlled by the organization that owns the network.
Posture checking is certainly a leaky bucket. It doesn't protect all kinds of endpoint, it doesn't protect the endpoints against all kinds of threats, and it doesn't protect much of anything against a smart, resourceful attacker who is deeply familiar with the NEA system in use and is interested in investing considerable resources in attacking or circumventing it.
But (to recycle a very old simile) the fact that I can open the locks of most doors with a crowbar doesn't mean that locks are not useful. Organizations that have deployed products that do something like what NEA is talking about have reported that their TCO is reduced. 

                       Harald


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Narayanan, Vidya
Next by Date:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Darryl \(Dassa\) Lynch
Previous by Thread:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Narayanan, Vidya
Next by Thread:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Darryl \(Dassa\) Lynch
Indexes:  [Date] [Thread] [Top] [All Lists]