Presentation is loading. Please wait.

Presentation is loading. Please wait.

Continuous Assessment Protocols for SACM draft-hanna-sacm-assessment-protocols-00.txt November 5, 20121IETF 85 - SACM Meeting.

Published byPercival Snow Modified over 8 years ago

Similar presentations

Presentation on theme: "Continuous Assessment Protocols for SACM draft-hanna-sacm-assessment-protocols-00.txt November 5, 20121IETF 85 - SACM Meeting."— Presentation transcript:

1 Continuous Assessment Protocols for SACM draft-hanna-sacm-assessment-protocols-00.txt November 5, 20121IETF 85 - SACM Meeting

2 NEA Reference Model from RFC 5209 Posture Collectors Posture Validators Posture Transport Server Posture Attribute (PA) protocol Posture Broker (PB) protocol NEA ClientNEA Server Posture Transport (PT) protocols Posture Transport Client Posture Broker Client Posture Broker Server November 5, 20122IETF 85 - SACM Meeting

3 Basic TNC Architecture Policy Decision Point Policy Enforcement Point Access Requestor Verifiers t Collector Integrity Measurement Collectors (IMC) Integrity Measurement Verifiers (IMV) IF-M IF-IMCIF-IMV Network Access Requestor Policy Enforcement Point (PEP) Network Access Authority IF-T IF-PEP TNC Server (TNCS) TNC Client (TNCC) IF-TNCCS http://www.trustedcomputinggroup.org/developers/trusted_network_connect/specifications November 5, 20123IETF 85 - SACM Meeting

4 NEA With EAP Transport (PT-EAP) November 5, 2012IETF 85 - SACM Meeting4 Non-compliant System Windows 7 x OSHotFix 2499 x OSHotFix 9288 AV - McAfee Virus Scan 8.0 Firewall NEA Client Remediation Network Compliant System Windows 7 OSHotFix 2499 OSHotFix 9288 AV - Symantec AV 10.1 Firewall Production Network Policy Enforcement Point Policy Decision Point Policy Windows 7 OSHotFix 2499 OSHotFix 9288 AV (one of) Symantec AV 10.1 McAfee Virus Scan 8.0 Firewall PA-TNC/PB-TNC/PT-EAP

5 NEA With TLS Transport (PT-TLS) November 5, 2012IETF 85 - SACM Meeting5 Access Requestor Compliant System Windows 7 OSHotFix 2499 OSHotFix 9288 AV - Symantec AV 10.1 Firewall Policy Decision Point Policy Windows 7 OSHotFix 2499 OSHotFix 9288 AV (one of) Symantec AV 10.1 McAfee Virus Scan 8.0 Firewall PA-TNC/PB-TNC/PT-TLS

6 SCAP Messages for IF-M Policy Decision Point Policy Enforcement Point Access Requestor Verifiers t Collector Integrity Measurement Collectors (IMC) Integrity Measurement Verifiers (IMV) IF-M IF-IMCIF-IMV Network Access Requestor Policy Enforcement Point (PEP) Network Access Authority IF-T IF-PEP TNC Server (TNCS) TNC Client (TNCC) IF-TNCCS http://www.trustedcomputinggroup.org/developers/trusted_network_connect/specifications November 5, 20126IETF 85 - SACM Meeting SCAP

7 IF-MAP: Secure Dynamic Info Sharing Policy Decision Point Policy Enforcement Point Access Requestor Verifiers t Collector Integrity Measurement Collectors (IMC) Integrity Measurement Verifiers (IMV) IF-M IF-IMCIF-IMV Network Access Requestor Policy Enforcement Point (PEP) Network Access Authority IF-T IF-PEP TNC Server (TNCS) TNC Client (TNCC) IF-TNCCS Metadata Access Point Sensors and Flow Controllers Metadata Access Point IF-MAP Sensor IF-MAP Flow Controller IF-MAP http://www.trustedcomputinggroup.org/developers/trusted_network_connect/specifications November 5, 20127IETF 85 - SACM Meeting

Download ppt "Continuous Assessment Protocols for SACM draft-hanna-sacm-assessment-protocols-00.txt November 5, 20121IETF 85 - SACM Meeting."

Similar presentations

Environmental Health Tracking Technical Team Meeting 1 Future Assessment and Needs Assessment Advisory Discussion Craig Wolff IT/GIS Manager March 5, 2003.

Environmental Health Tracking Technical Team Meeting 1 Future Assessment and Needs Assessment Advisory Discussion Craig Wolff IT/GIS Manager March 5, 2003.
November 9, 2009IETF 76 NEA WG1 NEA Working Group IETF 76 Co-chairs: Steve Hanna

November 9, 2009IETF 76 NEA WG1 NEA Working Group IETF 76 Co-chairs: Steve Hanna
PWG-IDS Differences of the attributes between NEA and NAP protocols By Ron Nevo Sharp June 2008.

PWG-IDS Differences of the attributes between NEA and NAP protocols By Ron Nevo Sharp June 2008.
Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 1 XMPP-Grid for SACM Information Transport XMPP Protocol Extensions for Use.

Cisco Confidential © 2011 Cisco and/or its affiliates. All rights reserved. 1 XMPP-Grid for SACM Information Transport XMPP Protocol Extensions for Use.
TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.

TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.
Copyright© 2004 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Putting Trust into the Network: Securing.

Copyright© 2004 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Putting Trust into the Network: Securing.
Agenda Introduction Network Access Protection platform architecture

Agenda Introduction Network Access Protection platform architecture
IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,

IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Interop Labs Network Access Control Interop Las Vegas 2006 Karen O’Donoghue.

Interop Labs Network Access Control Interop Las Vegas 2006 Karen O’Donoghue.
IETF-63Bridgewater/Samsung PANA RADIUS PANA RADIUS draft-ietf-pana-aaa-interworking-00.txt Avi Lior, Bridgewater Systems Alper.

IETF-63Bridgewater/Samsung PANA RADIUS PANA RADIUS draft-ietf-pana-aaa-interworking-00.txt Avi Lior, Bridgewater Systems Alper.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Network Connect: Open.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Trusted Network Connect: Open.
SACM Architecture Based on TNC Standards Lisa Lorenzin & Atul Shah.

SACM Architecture Based on TNC Standards Lisa Lorenzin & Atul Shah.
NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.

NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.
Authorization architecture sketches draft-selander-core-access-control-02 draft-gerdes-core-dcaf-authorize-02 draft-seitz-ace-design-considerations-00.

Authorization architecture sketches draft-selander-core-access-control-02 draft-gerdes-core-dcaf-authorize-02 draft-seitz-ace-design-considerations-00.
Analysis of Existing Work for I2NSF draft-zhang-gap-analysis-00 H.Rafiee Dacheng Zhang Huawei IETF 91 I2NSF BoF.

Analysis of Existing Work for I2NSF draft-zhang-gap-analysis-00 H.Rafiee Dacheng Zhang Huawei IETF 91 I2NSF BoF.
Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Open Standards for Network Access Control Trusted Network Connect.

Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidentialwww.juniper.net 1 Open Standards for Network Access Control Trusted Network Connect.
Introduction of Trusted Network Connect Houcheng Lee May 9, 2007.

Introduction of Trusted Network Connect Houcheng Lee May 9, 2007.
TNC Endpoint Compliance and Network Access Control Profiles TCG Members Meeting June 2014 Barcelona Prof. Andreas Steffen Institute for Internet Technologies.

TNC Endpoint Compliance and Network Access Control Profiles TCG Members Meeting June 2014 Barcelona Prof. Andreas Steffen Institute for Internet Technologies.
Network Access Control for Education

Network Access Control for Education

Similar presentations

Ads by Google