Magnet Mail Archive: Re: [Micronet] wow

From: Sherry M. Rogers <smrogers_at_socrates.berkeley.edu>
Date: Tue Jul 06 2004 - 16:56:34 PDT

Greg,

It isn't as far-fetched as it sounds, but certainly we will be moving
ahead in small, careful steps. This is the direction the industry is
moving. Take a look at the following url describing Cisco's plans - this
is functionality which will be part of all their network access devices.
The endpoint devices can be rerouted to a quarantine VLAN for remediation.
Though currently only functional for the windows platform, they have
ambitious plans for the future.

http://www.cisco.com/en/US/netsol/ns466/networking_solutions_sub_solution_home.html

-Sherry, SNS

On Tue, 6 Jul 2004, Greg Merritt wrote:

> At 2:32 PM -0700 7/6/04, Sherry M. Rogers wrote:
> >
> >...Our long-term goal is to have a "network
> >access control" system which will enable us to scan any host prior to
> >letting it on the campus network. If the host does not meet those
> >standards we can check for, it will be routed to a captive site where the
> >necessary upgrades are available...
>
>
> Wow -- so at some point we'll have an environment in which
> all devices (computers, pdas, printers/copiers, what have you) are
> explicitly denied network access unless they respond in an approved
> manner to a CNS security probe? Is that the idea?
>
> (Also, note that being "routed to a captive site" requires
> the user to fire up a Web browser -- you can't route Eudora or
> FileMaker or AIM to such a captive Web site, eh?)
>
> -Greg
>
> ------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> For information about Micronet, including subscribing to
> or unsubscribing from its mailing list and finding out
> about upcoming meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.
>

-------------------------------------------------------------------------
Sherry M. Rogers University of California, Berkeley
System & Network Security phone (510)642-7157
-------------------------------------------------------------------------

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Tue Jul 6 16:57:49 2004

This archive was generated by hypermail 2.1.8 : Tue Jul 06 2004 - 16:57:49 PDT