The self-defending network a resilient network

Steen Pedersen Ementor

  download slides (PDF)

One of the major problems with the current network viruses and worms is that it can be very hard to prevent them infecting the corporate network with the classic protection (anti-virus and gateway firewall). One infected system can bring down the network infrastructure. Even a network with the best managed anti-virus can be affected by a network virus. The reason is that unknown, unprotected and infected systems can connect to the network.

There are several different technologies and solutions from vendors which can make the network more resilient. For example, Cisco, McAfee, Microsoft have technology which can identify/report and/or prevent/quarantine unknown, unpatched, not updated and unsecured systems on the network, and a lot of technology/solutions surrounding ‘self-defending’ networks will be released in the near future. The paper will explain the pros and cons with different solutions and explain how they work and integrate with host-based and network-based intrusion detection/prevention systems. Taking the step from reactive to proactive protection.

Even a known/secure system which is infected by an unknown virus can be quarantined or denied access to the network. This can make the network more resilient against virus and worms.

Demonstrating how self-defending network works with the current technology is a part of the presentation.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.