Rabu, 20 Desember 2006

IETF Network Endpoint Assessment Working Group

Dark Reading posting an article on the new Network Endpoint Assessment (nea) IETF working group. The description says, in part:

Network Endpoint Assessment (NEA) architectures have been implemented in the industry to assess the "posture" of endpoint devices for the purposes of monitoring compliance to an organization's posture policy and optionally restricting access until the endpoint has been updated to satisfy the posture requirements. An endpoint that does not comply with posture policy may be vulnerable to a number of known threats that may exist on the network. The intent of NEA is to facilitate corrective
actions to address these known vulnerabilities before a host is exposed to potential attack. Note that an endpoint that is deemed compliant may still be vulnerable to threats that may exist on the network. The network may thus continue to be exposed to such threats as well as the range of other threats not addressed by maintaining endpoint compliance.
I have a feeling these Cisco Network Admission Control (NAC) / Microsoft Network Access Protection (NAP) / Trusted Network Connect (TNC) plans are all fighting the last war. Others have criticized NEA, and I tend to agree with their conclusions. I have a feeling that "business realities" are going to prevent security people from restricting access to NEA-noncompliant devices. At some point NEA will be another part of configuration management anyway.

0 komentar:

Posting Komentar