nanog mailing list archives
RE: Cisco, Anti-virus Vendors Team on Network Security
From: <Brennan_Murphy () NAI com>
Date: Tue, 18 Nov 2003 16:30:00 -0800
I think port security is what determines whether or not a box is allowed onto the network. If you know that all of your conference room jacks are patched into switch X blades Y-Z, then you apply security to those ports. If you have a *NIX box in a server room, you obviously drop the McAfee security requirement for that port. I haven't read through the documentation but that's my guess.

The corporate network security market is looking for a way to ensure that only machines with up to date security policies (AV, FW, IPS) are allowed on the network...with ways to distinguish printers, from workstations/servers... etc...

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Sean Donelan
Sent: Tuesday, November 18, 2003 3:48 PM
To: Valdis.Kletnieks () vt edu
Cc: nanog () merit edu
Subject: Re: Cisco, Anti-virus Vendors Team on Network Security

On Tue, 18 Nov 2003 Valdis.Kletnieks () vt edu wrote:
Without the secret handshake Mac OS, Linux, Solaris and other operating systems will not be able to connect to a Cisco Self-Defending Network which limits its usefulness for ISPs.

A *nix without a secret handshake is like a fish without a bicycle. Yes, viruses *are* theoretically possible on these platforms, but let's be honest here - even if you included all of the platforms, you'd only intercept another 1% or so viruses, tops.
Well, if you let systems on the network without the secret handshake, what's to stop people from connecting Windows boxes with the "security" software disabled so it doesn't answer the "I'm Infected" question? Or the next virus can take over the Cisco secret handshake port and always answer "I'm Ok" whenever the network asks it a question.

How does the Self-Protecting Network tell the difference between a non-infected Mac or Unix machine from a Typhoid Mary Windows box if you are depending on software on the system to answer the question?

Yes, some level of security works when everyone obeys the rules. But the current problem ISPs have is not everyone obeys the rules.