Report card on a network based anti-worm defence system

John Morris Nortel

At VB2002, Nortel presented its network-based anti-worm defence system that it used on its internal network. Looking back over the past six years, how did the automated detect and isolate process work? Did it prevent network worms? How did it make out with the arrival of bots? As with any report cards, the results are mixed, but it still made the honour roll.

This paper will review the original design of the system as well as how it evolved to meet new threats. More importantly, it will cover how it reacted to a variety of 'in-the-wild' malware events over the past few years and how this defence model continues to be indispensable in 2008.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.