Skip to main content

Using Security Posture Assessment to Grant Access to Enterprise Network Resources

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors David Waltermire , Adam W. Montville , David Harrington
Last updated 2014-01-16 (Latest revision 2013-07-15)
Replaced by draft-ietf-sacm-use-cases
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Stream WG state (None)
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-sacm-use-cases
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This memo documents a sampling of use cases for securely aggregating configuration and operational data and assessing that data to determine an organization's security posture. From these operational use cases, we can derive common functional capabilities and requirements to guide development of vendor-neutral, interoperable standards for aggregating and assessing data relevant to security posture.


David Waltermire
Adam W. Montville
David Harrington

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)