ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Nea] WG Review: Network Endpoint Assessment (nea)

2006-10-16 03:20:31
from [Lakshminath Dondeti] [Permanent Link] 
At 01:46 AM 10/16/2006, Leif Johansson wrote:

Lakshminath Dondeti wrote:
> At 01:42 AM 10/7/2006, Harald Alvestrand wrote:
>>> <snip>
>> Many universities require their students to buy their own laptops,
>> but prohibit certain types of activity from those laptops (like
>> spamming, DDOS-attacks and the like). They would love to have the
>> ability to run some kind of NEA procedure to ensure that laptops are
>> reasonably virus-free and free from known vulnerabilities, and are
>> important enough in their students' lives that they can probably
>> enforce it without a complaint about "violation of privacy".
>>
>> Just pointing out that there's one use case with user-managed
>> endpoints where NEA is not obviously a bad idea.
>
> My email ventures into a bit of non-IETF territory, but we are
> discussing use cases, and so I guess it's on topic.  Universities
> should be the last places to try antics like NEA.  Whereas an
> operational network would be a priority to them, it is also important
> that they allow students to experiment with new applications.  If we
> are believing that general purpose computing will be taken away from
> college students, we are indeed talking about a different world.
>
> In any event, the bottomline is NEA as a solution to "network
> protection" is a leaky bucket at best.
>
> NEA at best *may* raise the bar in attacking a "closed" network where
> endpoints are owned and tightly controlled by the organization that
> owns the network.
>
Lets not forget that when (not if) NEA/NAP/NAC is deployed the IDSen
people have deployed today to
solve the lying-client-problem by scanning for common/current
vulnerabilities as part of the network admission
process will have to interface with PDPs part of a NEA intfrastructure.
Could you rephrase please? I am afraid I don't understand what you are saying.
Oh, and lying endpoint problem cannot be solved by scanning for common vulnerabilities! In fact, the two have no relation whatsoever. 

Lakshminath



    Cheers Leif



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Please stop the country-specific references (Was: I understand that there is an ISO MOU with the IETF - I want to see it..., Stephane Bortzmeyer
Next by Date:  Re: Please stop the country-specific references (Was: I understand that there is an ISO MOU with the IETF - I want to see it..., Brian E Carpenter
Previous by Thread:  Re: [Nea] WG Review: Network Endpoint Assessment (nea), Leif Johansson
Next by Thread:  Re: [Nea] WG Review: Network Endpoint Assessment (nea), Leif Johansson
Indexes:  [Date] [Thread] [Top] [All Lists]