Report card on a network based anti-worm defence system presented at Virus Bulletin 2008

by John Morris (Nortel),

Tags: Security


Summary : "At VB2002, Nortel presented its network-based anti-worm defence system that it used on its internal network. Looking back
over the past six years, how did the automated detect and isolate process work? Did it prevent network worms? How did it
make out with the arrival of bots? As with any report cards, the results are mixed, but it still made the honour roll.
This paper will review the original design of the system as well as how it evolved to meet new threats. More importantly,
it will cover how it reacted to a variety of 'in-the-wild' malware events over the past few years and how this defence
model continues to be indispensable in 2008.