[CampusManager] Remediation Center from Everett Andrus on 2004-02-16 (CampusMgr)

From: Everett Andrus <andrus_at_bradford-sw.com>
Date: Mon, 16 Feb 2004 15:00:24 -0500

Campus Manager Remediation Center provides the ability to scan for and remedy network clients vulnerable to Viruses, Root Access, Backdoors, Denial of Service, File Sharing, RPC, Windows Vulnerabilities, etc.

The Remediation Center implements a three-step process to improve the health, performance, and security of the network, while reducing the overall interaction burden of the IT organization.

1. Network Client Scanning

· Scans

· Nessus Scans ~2000

· Independently developed Nessus Plug-ins

· System scans independently developed in Shell, C, C++, Perl, Java, etc.

· Scan profiles created through a Nessus client interface

· Nessus profiles containing other Nessus profiles, scans, and / or plug-ins

· Independently developed system profiles

· Multiple scan profiles associated to different network client groups:

· Unregistered Clients

· Registered Clients

· All Clients

· Specific Client Groups

· Servers

· Optimized multi-threaded scan engine

· Detects connecting client

· Identifies the appropriate scan profile(s) for the connecting client

· Scan client - Unregistered clients scanned prior to forcing registration

· Able to scan client once or rescan client on a scheduled basis

· On demand scan capability available to Administrators, Operators, Help Desk, and individual clients

· Label failed clients with a unique state as an "At Risk" client

· HTML Reports

· Individual scan reports

· Separate report for each scanned client

· Summary of client scans performed, results and remediation instructions

· Accessible by Administrators, Operators, Help Desk, and individual clients

2. Quarantine "At Risk" clients

· Automatically isolate "At Risk" clients from "Safe" clients and resources through the use of a Quarantine VLAN

· Define which switch ports participate in Quarantine VLAN switching

3. Remediation

· "At Risk" clients remedy themselves through following the provided instructions and implementing the required patches and updates

· On demand rescan capability available to Administrators, Operators, Help Desk, and individual clients

· Label remedied clients as a "Safe" client

· Automatically restore the "Safe" client to the appropriate network access

· Patches and updates can be accessed from external sites or made available locally within the Quarantine VLAN
Received on Mon Feb 16 2004 - 20:06:39 EST

This archive was generated by hypermail 2.2.0 : Tue Jan 06 2009 - 16:00:04 EST