{"draft":"draft-ietf-nea-requirements-07","doc_id":"RFC5209","title":"Network Endpoint Assessment (NEA): Overview and Requirements","authors":["P. Sangster","H. Khosravi","M. Mani","K. Narayan","J. Tardo"],"format":["ASCII","HTML"],"page_count":"53","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Network Endpoint Assessment","abstract":"This document defines the problem statement, scope, and protocol\r\nrequirements between the components of the NEA (Network Endpoint\r\nAssessment) reference model.  NEA provides owners of networks (e.g.,\r\nan enterprise offering remote access) a mechanism to evaluate the\r\nposture of a system.  This may take place during the request for\r\nnetwork access and\/or subsequently at any time while connected to the\r\nnetwork.  The learned posture information can then be applied to a\r\nvariety of compliance-oriented decisions.  The posture information is\r\nfrequently useful for detecting systems that are lacking or have\r\nout-of-date security protection mechanisms such as: anti-virus and\r\nhost-based firewall software.  In order to provide context for the\r\nrequirements, a reference model and terminology are introduced.  This memo provides information for the Internet community.","pub_date":"June 2008","keywords":["Posture","Remediation","reassessment","Validator","Collector","Broker","compliance","privacy","disclosure","replay","trust","policy"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5209","errata_url":null}