Sherry M. Rogers wrote:
> Greg,
>
> It isn't as far-fetched as it sounds, but certainly we will be moving
> ahead in small, careful steps. This is the direction the industry is
> moving. Take a look at the following URL describing Cisco's plans - this
> is functionality which will be part of all their network access devices.
> The endpoint devices can be rerouted to a quarantine VLAN for remediation.
> Though currently only functional for the Windows platform, they have
> ambitious plans for the future.
>
> http://www.cisco.com/en/US/netsol/ns466/networking_solutions_sub_solution_home.html

I'd be very careful with this. I have been in some discussions with
Cisco on this topic, and while they have ambitious plans, it's not at
all clear that they will be able to deliver on what we--and many of the
other universities I have talked to--really need: an *extensible*
quarantine system.

More importantly, a Cisco proprietary solution won't work across campus,
where multiple vendor gear interoperates. It's not just an OS issue--it
also involves network gear, and the worst thing is that Cisco's *own*
product lines are inconsistent in their feature sets! (I can discuss
this at further length offline, if you really want to get me started.) :)

The good news is that there are standards-based approaches to this
problem, and the technology seems to be moving in a direction that will
make such a system as Sherry describes feasible in the next few years.
However, it does mean that we will all have to do things a bit
differently than we currently do, and some people will have to do a lot
of work to get the system implemented. But I do think it's possible,
and based on conversations I am having with other campuses, there is a
lot of interest in doing it. And Greg, I am sure that the system would
have to have safeguards for certain types of devices and to prevent
false-positives.

michael
Received on Tue Jul 6 17:22:08 2004