Hi Darrly,
<snip>
It appears that the NEA charter is completely misleading to some people from what is stated in this email. As the NEA charter alludes to, NEA does nothing to protect against compromised devices. Also, as has been agreed, NEA is not a protection mechanism for the network - it is meant to be a protection mechanism for compliant, truthful and as yet uncompromised end hosts against known vulnerabilities.
True, the NEA doesn't "do" anything to protect against compromised devices, but it does assist in limiting the known compromises on endpoint devices by being a mechanism for the checking and reporting on compliance to whatever network policy is in place, including virus and patch levels.
I'm not sure what you mean by "known compromises" - did you mean known
vulnerabilities? If so, yes - I was not questioning the role of NEA in
dealing with known vulnerabilities on truthful endpoints.
The discussion was about using NEA as a protection mechanism for the
network and that doesn't make sense to me and as I understand from
Susan, that is not the intention of the charter either.
As a network administrator I already deploy mechanisms for doing just this, but at a higher level than the NEA charter indicates. To me the difference is between being reactive or proactive. Compliance testing I already run occurs after an end node has joined the network; with NEA the possibility is for compliance checking before being allowed onto the network, so isolation and immediate remediation is possible.
Any network, in its own best interests, must assume that it has lying and compromised endpoints connecting to it and that there are unknown vulnerabilities on any NEA-compliant devices connecting to it. Any kind of protection that addresses these general threats that the network may be exposed to at any time will simply obviate the need for NEA from the network perspective.
Reliance on one protection or reporting mechanism is not
enough. We need a lot of varied tools to cover all the bases
and minimise risk.
This is repetition at this point - but, when a network has mechanisms to protect itself against lying endpoints and unknown vulnerabilities, that should cover protection against truthful ones with known vulnerabilities. Otherwise, the network is obviously not adequately protected against the broader set of threats. So, one would employ NEA in their networks to protect the end hosts attaching to the network, not the network itself.
A network operator that thinks the network is getting any protection by employing NEA is clearly ignoring the obvious real threats that the network is exposed to at any time.
No, NEA would just be one more tool used to improve overall security and minimise risk. It would be at a different level to the tools some of us already deploy.
This is what I meant when I said that the charter is unclear and it must explicitly state that NEA is not meant as a protection mechanism of any sort for the network.
I don't believe the Charter needs to delve into this at all. If some people see it as part of their protection mechanisms, so be it.
That is a terrible approach to take, given how misleading the charter obviously has been to many. The charter must be clear about what the WG is doing and what is out of scope.
Vidya
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf