RFC 5209

Network Endpoint Assessment (NEA): Overview and Requirements, June 2008

File formats:
icon for text file icon for PDF icon for HTML
P. Sangster
H. Khosravi
M. Mani
K. Narayan
J. Tardo
nea (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC5209

Discuss this RFC: Send questions or comments to the mailing list nea@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 5209


This document defines the problem statement, scope, and protocol requirements between the components of the NEA (Network Endpoint Assessment) reference model. NEA provides owners of networks (e.g., an enterprise offering remote access) a mechanism to evaluate the posture of a system. This may take place during the request for network access and/or subsequently at any time while connected to the network. The learned posture information can then be applied to a variety of compliance-oriented decisions. The posture information is frequently useful for detecting systems that are lacking or have out-of-date security protection mechanisms such as: anti-virus and host-based firewall software. In order to provide context for the requirements, a reference model and terminology are introduced. This memo provides information for the Internet community.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search