Requirements for Network Endpoint Assessment (NEA)

Document Type Replaced Internet-Draft (individual)
Last updated 2008-03-25 (latest revision 2006-06-27)
Replaced by draft-ietf-nea-requirements
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-nea-requirements
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document defines the interface (protocol) requirements between the components of the NEA (Network Endpoint Assessment) conceptual architecture. NEA provides owners of networks (e.g. an enterprise offering remote access) a mechanism to learn the operational state or posture of a system requesting network access and then apply this knowledge to the network admission decision. In this case, operational posture refers to information about the configuration and use of hardware and software capabilities available or running on the system. This information is frequently useful for detecting systems that are lacking (or have out of date) security protective mechanisms (e.g. anti-virus, firewall.) In order to provide context for the requirements, a conceptual architecture and terminology is introduced. This architecture is provided for informational purposes but is based on the models used by NAC[9], NAP[10] and TNC[8].


Hormuzd Khosravi (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)