ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Nea] Re: WG Review: Network Endpoint Assessment (nea)

2006-10-16 23:18:49
from [Harald Alvestrand] [Permanent Link] 
Narayanan, Vidya wrote:

Harald,
This seems to be missing the point. I think there is a general sense
that NEA could be helpful for some level of protection to complying
endpoints in an enterprise scenario, which is exactly what you have
described below. The disagreement seems to be on the topics of what NEA
does for the network and whether it makes any sense in the provider
model where the network and end device owners are different. 
I'm not sure who is missing what point at this time....
note that the term "network" does NOT mean "ISP network". People who use it as if it means that contribute to confusion.
Also, the term "network" has been used both in the meaning of "layer 3 network" and in the meaning of "the set of interconnected devices that make up the computing environment of an enterprise". 
On the network protection issue, I still have not seen anything that NEA
provides that is not provided (in a better manner) by protection
mechanisms that the network must use to protect itself against any
unknown vulnerabilities and compromised endpoints. Everything that has
been said still seems to be a subset of that larger threat which must be
protected against anyway. Having said that, the use of NEA for the
provider model doesn't make sense, since providers are interested in
protecting their networks more than protecting the devices they don't
own. Not to mention that they cannot really hope to get compliance from
devices they don't own.
Noting the scenarios above, I claim that NEA-like functionality has proved useful already in protecting "the computing environment of an enterprise". I have not seen compelling evidence that it has any use in "the layer 3 infrastructure used to carry customer traffic at an ISP".
But I think that's beside the point - the use cases for which we know that NEA may be useful are already compelling enough that we should stop debating whether or not to charter the group and get on with the work. 

My opinion.

               Harald


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Stephen Hanna
Next by Date:  RE: [Nea] WG Review: Network Endpoint Assessment (nea), Stephen Hanna
Previous by Thread:  RE: [Nea] Re: WG Review: Network Endpoint Assessment (nea), Narayanan, Vidya
Next by Thread:  Re: [Nea] Re: WG Review: Network Endpoint Assessment (nea), Lakshminath Dondeti
Indexes:  [Date] [Thread] [Top] [All Lists]