[88913] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: Quarantine your infected users spreading malware

daemon@ATHENA.MIT.EDU (Eric Gauthier)
Thu Feb 23 10:39:15 2006

Date: Thu, 23 Feb 2006 10:35:38 -0500
From: Eric Gauthier <eric@roxanne.org>
To: nanog@merit.edu
In-Reply-To: <924f29280602210854o7ab8d998k49b060406e4e04c9@mail.gmail.com>
Errors-To: owner-nanog@merit.edu


Heya,

Sorry about continuing this thread...  I noticed a few people discussing 
this topic and wondering about new ways to look at quarantining hosts.
There's a working group within the US Internet2 community that's been working
on a generalized architecture and set of white-papers that our member 
institutions can share.  If you're interested, check out the two
drafts that we have so far (SALSA-Netauth working group):

Architecture for Automating Network Policy (PDF)
http://security.internet2.edu/netauth/docs/internet2-salsa-netauth-architecture-200510.pdf

Strategies for Automating Network Policy Enforcement
http://security.internet2.edu/netauth/docs/internet2-salsa-netauth-policy-enforcement-200504.html


We'd welcome any thoughts, criticism, complaints, praise, etc...

Eric :)


home help back first fref pref prev next nref lref last post