Remediating Violated Customers

Service Providers cannot sit back and allow violated customers to continue on their network. This applies to all Service Providers, be it residential, business, cloud, hosting, mobile, or any other. This module will use the outline of the community’s expression of necessary action – IETF draft-oreirdan-mody-bot-remediation – as the foundation to walk peers through the details.

 

Core principles and knowledge objectives:

  • Customers are not the problem. They are victims of a thriving criminal eco-system.
  • Violated customers are a critical risk to the business.
  • The Service Provider, ISC, Cloud, Hosting Provider, or big enterprise cannot solve the problem on their own – they need to work as part of an eco-system team that cleans up malware.
  • There are cost effective techniques that can be used to build a synergistic “security relationship” with your customers and users.

What’s Next?

This module is constantly evolving, pulling in experience from providers around the world. Here are some of the items in the queue to be added:

  • Explicit examples of how generic solutions would work.
  • Dust off, update, and elaborate on the remediation cycle. It offers a workflow of action.

Latest Version

The latest version would be pushed up to Slideshare.

View more presentations from Barry Greene.

References

The following are useful whitepapers, specifications, articles, and other resources that would help operators get internal support, design, deploy, and implement a remediation tool kit.

What is a Walled Garden? http://en.wikipedia.org/wiki/Walled_garden_(media)

Violated Customers

Many SPs Already Have Walled Gardens Deployed – It is their Self Provisioning System

Many SPs have deployed a walled garden system to scale their provisioning teams – allowing consumers to get equipment from the corner computer stores.

How To Deploy Cost Effective Walled Gardens

Open Source Vendor Neutral Tools

  • NetPass is a vendor-neutral network environment for quarantining clients identified as being out of compliance with your network policy. http://netpass.sourceforge.net/

How To Whitepaper and Presentations

  • Life on a University Network: An Architecture for Automatically Detecting, Isolating, and Cleaning Infected Hosts. Eric Gauthier, Boston University http://www.nanog.org/mtg-0402/gauthier.html

  • EDUCAUSE 2007 Security Architecture Design http://www.educause.edu/SecurityArchitectureDesign/1261 Aim: Strengthen the security of your infrastructure by designing security into it and creating control points from which computers can be maintained, where network traffic can be filtered and monitored, and where problematic segments of the network can be detached from the rest to protect the majority.

University Quarantine Approaches

Universities have a difficult challenge. Every Fall they must handle a wave of students, faculty, and staff returning to school with their computers, which carry unknown security risks. These computers all connect to the campus network, infecting and getting infected over the nice high-speed infrastructure, until that infrastructure is stressed to the point of service impact.

Example Pages Once a Victim is Inside the Quarantine

Articles and Whitepapers

Vendor Product and Commercial Solutions (needs updating)