Network Endpoint Assessment (NEA): Overview and Requirements
RFC 5209
Document Type RFC - Informational (June 2008; No errata)
Last updated 2015-10-14
Replaces draft-khosravi-nea-requirements
Stream IETF
Formats plain text pdf html bibtex
Reviews
SECDIR Last Call Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 5209 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Tim Polk
Send notices to (None)
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                   P. Sangster
Request for Comments: 5209                                 Symantec
Category: Informational                                 H. Khosravi
                                                              Intel
                                                            M. Mani
                                                              Avaya
                                                         K. Narayan
                                                      Cisco Systems
                                                           J. Tardo
                                                     Nevis Networks
                                                          June 2008

      Network Endpoint Assessment (NEA): Overview and Requirements

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Abstract

   This document defines the problem statement, scope, and protocol
   requirements between the components of the NEA (Network Endpoint
   Assessment) reference model.  NEA provides owners of networks (e.g.,
   an enterprise offering remote access) a mechanism to evaluate the
   posture of a system.  This may take place during the request for
   network access and/or subsequently at any time while connected to the
   network.  The learned posture information can then be applied to a
   variety of compliance-oriented decisions.  The posture information is
   frequently useful for detecting systems that are lacking or have
   out-of-date security protection mechanisms such as: anti-virus and
   host-based firewall software.  In order to provide context for the
   requirements, a reference model and terminology are introduced.

Sangster, et al.             Informational                      [Page 1]
RFC 5209                    NEA Requirements                   June 2008

Table of Contents

   1. Introduction ....................................................3
      1.1. Requirements Language ......................................4
   2. Terminology .....................................................5
   3. Applicability ...................................................7
      3.1. Scope ......................................................7
      3.2. Applicability of Environments ..............................8
   4. Problem Statement ...............................................9
   5. Reference Model ................................................10
      5.1. NEA Client and Server .....................................12
           5.1.1. NEA Client .........................................12
                  5.1.1.1. Posture Collector .........................12
                  5.1.1.2. Posture Broker Client .....................14
                  5.1.1.3. Posture Transport Client ..................15
           5.1.2. NEA Server .........................................15
                  5.1.2.1. Posture Validator .........................15
                  5.1.2.2. Posture Broker Server .....................17
                  5.1.2.3. Posture Transport Server ..................18
      5.2. Protocols .................................................18
           5.2.1. Posture Attribute Protocol (PA) ....................18
           5.2.2. Posture Broker Protocol (PB) .......................19
           5.2.3. Posture Transport Protocol (PT) ....................19
      5.3. Attributes ................................................20
           5.3.1. Attributes Normally Sent by NEA Client: ............21
           5.3.2. Attributes Normally Sent by NEA Server: ............21
   6. Use Cases ......................................................22
      6.1. Initial Assessment ........................................22
           6.1.1. Triggered by Network Connection or Service
                  Request ............................................22
                  6.1.1.1. Example ...................................23
                  6.1.1.2. Possible Flows and Protocol Usage .........23
                  6.1.1.3. Impact on Requirements ....................25
           6.1.2. Triggered by Endpoint ..............................25
                  6.1.2.1. Example ...................................25
                  6.1.2.2. Possible Flows and Protocol Usage .........26
                  6.1.2.3. Impact on Requirements ....................28
      6.2. Posture Reassessment ......................................28
           6.2.1. Triggered by NEA Client ............................28
                  6.2.1.1. Example ...................................28
                  6.2.1.2. Possible Flows & Protocol Usage ...........29
                  6.2.1.3. Impact on Requirements ....................30
           6.2.2. Triggered by NEA Server ............................30
Show full document text
ISOC IETF Trust RFC Editor IRTF IESG IETF IAB IASA & IAOC IETF Tools IANA