[88913] in North American Network Operators' Group
Re: Quarantine your infected users spreading malware
daemon@ATHENA.MIT.EDU (Eric Gauthier)
Thu Feb 23 10:39:15 2006
Date: Thu, 23 Feb 2006 10:35:38 -0500
From: Eric Gauthier <eric@roxanne.org>
To: nanog@merit.edu
In-Reply-To: <924f29280602210854o7ab8d998k49b060406e4e04c9@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
Heya,
Sorry about continuing this thread... I noticed a few people discussing
this topic and wondering about new ways to look at quarantining hosts.
There's a working group within the US Internet2 community that's been working
on a generalized architecture and set of white-papers that our member
institutions can share. If you're interested, check out the two
drafts that we have so far (SALSA-Netauth working group):
Architecture for Automating Network Policy (PDF)
http://security.internet2.edu/netauth/docs/internet2-salsa-netauth-architecture-200510.pdf
Strategies for Automating Network Policy Enforcement
http://security.internet2.edu/netauth/docs/internet2-salsa-netauth-policy-enforcement-200504.html
We'd welcome any thoughts, criticism, complaints, praise, etc...
Eric :)