
Re: What is EEE?

By: Wildman262 in WAVX DD
Wed, 13 Feb 08 11:51 AM
Msg. 06649 of 06668
(This msg. is a reply to 06648 by awk)

Awk, it's a matter of time before Wave has some sort of bundling/free or small fee for their EEE with a TNC/NAC vendor.

In addition to them, the antivirus people could use it to make sure that antivirus software has not been hacked.

This would be a huge driver to turn on TPMs, probably cause for Wave's excitement when MSFT decided to work with the TNC.




- - - - -
The above is a reply to the following message:
What is EEE?
By: awk
in WAVX DD
Tue, 12 Feb 08 6:34 PM
Msg. 06648 of 06668


Over the past couple of days I have dug a bit into the EMBASSY Endpoint Enforcer (EEE) and was in contact with Wave to obtain a better understanding of the technology and the associated business model. Below is the result of this undertaking:

The EEE is a bit different than all the other Wave tools. EEE is not really a "hard" product like, e.g., the EMBASSY TrustDrive Manager (ETDM).

EEE, today, is an SDK (Software Developer Kit) for building a TNC client. It would reside and execute on the client machine. Whether it gets pushed to the client from the NAC/TNC server or not is probably up to the VPN/TNC/NAC vendor who would choose to implement it in their client software.

EEE provides the libraries and components needed to use the TPM and TSS to perform integrity measurements of the client utilizing the capabilities of the TPM to do hashing, signing, storing, etc.

The measurements could be of the transitive trust chain… BIOS, drivers, trust client, VPN client, OS, applications, etc. or the measurements could be of any executable or file, or hardware configuration of the devices. These integrity measurements performed by EEE would be provided in a TNC format which can then be sent to the TNC/NAC server which provides a policy enforcement point for determining whether the supplied integrity measurements are correct and adequate for allowing access to the network, a resource, or other protected items controlled by the server.

MS Server 2008 will support the TNC defined protocols and processes, including those client measurements performed by EEE.

EEE is not a product component which is included with ETS today. It is being ‘sold’ or offered to NAC vendors and others for integration into their own clients.

Wave has demonstrated some interesting applications of EEE for its own products. At N+I in May, Wave demonstrated using EEE to measure the pre-boot OS used in the Seagate FDE drive to make sure that no one had tampered with the code.

Wave also showed measuring and reporting the fact that an FDE drive was in the client machine and that the security settings were set "on". These kinds of measurements could be used for assuring compliance in the event that a drive or laptop is stolen, or for high value/sensitive applications, the measurements could be used to make sure that the client machine could be trusted before sending files or allowing transactions to a server, for instance.

So "endpoint integrity" with EEE is not necessarily a driver to force PC OEMs to enter into a bundling agreement with Wave for the client side. The PC client only needs an activated TPM for EEE to function.

EEE, as a trusted service, is aimed more at getting NAC vendors to be able to turn on and use the TPM, so that Wave can sell the TPM related infrastructure and tools.
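
The measure-then-verify flow described in the message above, as an added example that is not part of the original post and is not Wave's EEE SDK or the TNC message format: the client hashes each component of the trust chain and folds the digests into one aggregate the way a TPM 1.2 PCR extend does, and the server replays the log and compares it with policy. Assumptions: the TPM is simulated in software with `hashlib`, the aggregate is unsigned (a real TPM would sign it), and the component names, contents and the `allow`/`isolate`/`deny` outcomes are constructed for illustration.

```python
import hashlib

PCR_INIT = bytes(20)  # a TPM 1.2 PCR starts as 20 zero bytes


def measure(content: bytes) -> bytes:
    """Integrity measurement of one component: its SHA-1 digest."""
    return hashlib.sha1(content).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 style extend: new PCR = SHA-1(old PCR || measurement)."""
    return hashlib.sha1(pcr + digest).digest()


def client_report(components):
    """Client side: measure components in boot order, return (log, aggregate)."""
    log, pcr = [], PCR_INIT
    for name, content in components:
        digest = measure(content)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return log, pcr


def server_decide(log, aggregate, policy):
    """Server side: replay the log, then check every digest against policy."""
    pcr = PCR_INIT
    for _, digest in log:
        pcr = extend(pcr, digest)
    if pcr != aggregate:
        return "deny", ["log does not reproduce reported aggregate"]
    logged = dict(log)
    # Unknown or modified components fail; so do expected ones that are absent.
    failures = [name for name, digest in log if policy.get(name) != digest]
    failures += [name for name in policy if name not in logged]
    return ("allow" if not failures else "isolate"), failures


# Constructed sample trust chain (hypothetical names and contents).
GOOD = [("bios", b"bios v1.0"), ("nic_driver", b"nic driver 2.3"),
        ("vpn_client", b"vpn client 5.1"), ("os_loader", b"os loader 6001")]
POLICY = {name: measure(content) for name, content in GOOD}

if __name__ == "__main__":
    tampered = [(n, c + b"!") if n == "vpn_client" else (n, c) for n, c in GOOD]
    for label, chain in (("clean", GOOD), ("tampered", tampered)):
        print(label, server_decide(*client_report(chain), POLICY))
```

Replaying the log matters because the aggregate depends on every measurement and on their order, so a client that edits one log entry to look compliant no longer reproduces the value it reported.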

