John Morris Nortel
At VB2002, Nortel presented its network-based anti-worm defence system that it used on its internal network. Looking back over the past six years, how did the automated detect and isolate process work? Did it prevent network worms? How did it make out with the arrival of bots? As with any report cards, the results are mixed, but it still made the honour roll.
This paper will review the original design of the system as well as how it evolved to meet new threats. More importantly, it will cover how it reacted to a variety of 'in-the-wild' malware events over the past few years and how this defence model continues to be indispensable in 2008.