SACM Scope Discussion IETF-92 Meeting March 23, 2015 Dave Waltermire Adam Montville.

Slides:

Advertisements

Similar presentations

Environmental Health Tracking Technical Team Meeting 1 Future Assessment and Needs Assessment Advisory Discussion Craig Wolff IT/GIS Manager March 5, 2003.

Advertisements

Internet Protocol Security (IP Sec)

Developing the Mobile Learning Business London, 24 September 2001 Mark Watkinson e-Learning Principal, IBM Region North (c) Copyright IBM Corp m-

Resolution Categorization

Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM IETF-92 Meeting March 23 and 27, 2015 Dan Romascanu Adam Montville.

IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,

Networking with Windows Vista.. Vista’s New Tools and Features The Network and Sharing Center Network Discovery Network Map Network Diagnostics.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

LLDP-MED Location Identification for Emergency Services Emergency Services Workshop, NY Oct 5-6, 2006 Manfred Arndt

DHCP Server © N. Ganesan, Ph.D.. Reference DHCP Server Issues or leases dynamic IP addresses to clients in a network The lease can be subject to various.

And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.

Telecommunications. General Information Industry: Telecommunication Industry Patent Number: (US Patent) Title: Electronic Device Security.

? INTERNET WHAT, WHY, HOW. DEFINITION The Internet is a massive public spiderweb of computer connections. It connects personal computers, laptops, tablets,

LLDP-MED Location Identification for Emergency Services Emergency Services Workshop, NY Oct 5-6, 2006 Manfred Arndt

Use Cases and API Extension for Source IP Address Selection draft-sijeon-dmm-use-cases-api-source-00.txt Presenter: Alper Yegin Authors: Seil Jeon, Sergio.

Cli/Serv.: JXTA/151 Client/Server Distributed Systems v Objective –explain JXTA, a support environment for P2P services and applications ,

Virtual LAN Design Switches also have enabled the creation of Virtual LANs (VLANs). VLANs provide greater opportunities to manage the flow of traffic on.

Using Microsoft Network Access Protection to test Dr.Web anti-virus software The workstations successfully checked by NAP can be used in a corporate network.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—1-1  A network is a connected collection of devices (computers, interconnections, routers, and.

Performance analysis and prediction of physically mobile systems Point view: Computational devices including Mobile phones are expanding. Different infrastructure.

Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.

HOW-TO guide This tutorial has sound.

SACM Requirements Nancy Cam-Winget March 2014.

SMS Module Model ： SB-DN-SMS/IP Configuration of SMS Module.

Terminology and Use Cases Status Report David Harrington IETF 88 – Nov Security Automation and Continuous Monitoring WG.

NEA Requirement I-D IETF 68 – Prague Paul Sangster Symantec Corporation.

NEA Requirements Update -06 version summary. Posture Transport Considerations Issue –Ability of existing protocols used for network access to meet requirements.

SACM IETF-91Meeting November 10 and 14, 2014 Dan Romascanu Adam Montville.

Mobile Phone Based Environment Control/Security System Christopher Carroll B.E. Electronic and Computer Engineering.

Programming technical terms Program is like a recipe. It contains a list of ingredients (called variables) and a list of directions (called statements)

Ashley White.  Computing that is made to be found anywhere and everywhere.  A high degree of communication among devices and sensors through a ubiquitous.

Abdullah Alshalan Garrett Drown Group #4 CSE591 - Virtualization and Cloud Computing.

Networking Components William Isakson LTEC 4550 October 7, 2012 Module 3.

SACM IETF 89, London, UK Dan Romascanu Adam Montville.

Individual Project: Install software and hardware to allow business to take advantage of the lower costs afforded by VOIP over Wi-Fi, the system to enable.

LO2 Understand the key components used in networking.

1 Brian Carpenter Sheng Jiang IETF 85 November 2012 Next steps for 6renum work.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

David B. Johnson Rice University Department of Computer Science DSR Draft Status Monarch Project 57th IETF.

Asset Summary Reporting draft-davidson-sacm-asr-00 David Waltermire

Telecommunication Requirements draft-zhuang-sacm-telereq-00 Xiaojun Zhuang, Minpeng Qi (presenter) Judy Zhu.

COMP1321 Digital Infrastructure Richard Henson March 2016.

Problem Statement: Media Independent Handover Signalling draft-hepworth-mipshop-mih-problem-statement-01 Ele Hepworth (*), Greg Daley, Srinivas Sreemanthula,

Servelite - Complete IT Solutions. Servelite IT solutions specialize in providing Home solutions and Business solutions. We focus upon delivering quality.

Lect-12-1: IP over ATMComputer Networks : An Introduction to Computer Networks Handout #16: IP over ATM Homepage

SACM Vulnerability Assessment Scenario IETF 95 04/05/2016.

Copyright © 2009 Trusted Computing Group An Introduction to Federated TNC Josh Howlett, JANET(UK) 11 June, 2009.

Cisco Energy Management Suite Excerpt. Market Drivers for Cisco Energy Management Growing Regulations, Corporate Sustainability and the Environment 

TurningPoint ResponseWare

Introduction to Technology Infrastructure

Firewall Issues Research Group GGF-15 Oct Boston, Ma Leon Gommans - University of Amsterdam Inder Monga - Nortel Networks.

Self-service enrollment for Windows desktops

How to have an Espresso Espresso User Guide.

Computer Data Security & Privacy

network interface card (NIC)

SACM Virtual Interim Meeting

Introduction to Technology Infrastructure

SVTRAININGS. SVTRAININGS Features of SCCM  Application management  Provides a set of tools and resources that can help you create, manage, deploy, and.

Network Models, Hardware, Protocols and number systems

Uplink Broadcast Service

Network Hardware and Protocols

AP Functional Needs of CAPWAP

IPv6 For IoT Mahyar Tajdini, DUT, Dec 2016.

Implement Inter-VLAN Routing

Read this to find out how the internet works!

Bing Liu, Yuefeng Wu IETF July 2017

Remote ATtestation ProcedureS (RATS)

Henk Birkholz Jarret Lu Nancy Cam-Winget

Presentation transcript:

SACM Scope Discussion IETF-92 Meeting March 23, 2015 Dave Waltermire Adam Montville

Background Targeting by endpoint class became a point of discussion Class of endpoint may effect which attributes can be relied on for identifying that endpoint Seemed to be consensus within that design team to agree on defining endpoint classes

Paraphrased SACM’s Charter Collect and verify security configurations First address enterprise use cases for endpoint posture assessment

SACM Goals Are To Define: 1.A set of standards to enable assessment of endpoint posture [in the enterprise context]. 2.A set of standards for interacting with repositories of content related to assessment of endpoint posture [in the enterprise context].

Let’s Categorize Devices And Pick Traditional Mobile Network Devices Constrained (e.g. ICS, IoT)

SUPPORTING MATERIAL

RFC 5209: Endpoint Definition Any computing device that can be connected to a network. Such devices normally are associated with a particular link layer address before joining the network and potentially an IP address once on the network. This includes: laptops, desktops, servers, cell phones, or any device that may have an IP address.

RFC 5209: Posture Definition Configuration and/or status of hardware or software on an endpoint as it pertains to an organization’s security policy.