InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
AI Subscribe Login/Register account icon
S&P 500
5,344.39
(
0.00%
)
US TECH 100
18,187.60
(
0.73%
)
Dow Jones
39,357.01
(
-0.36%
)
Brent Oil
81.51
(
-0.12%
)
Bitcoin
59,078.60
(
-0.47%
)
Post# of 249374
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Replies (3) Keep Next 10 Report Keyboard Shortcuts
Replies (3) Next 10 Prev Next

awk

Send PM Follow Ignore
Followers 88
Posts 7081
Boards Moderated 2
Alias Born 07/21/2003

awk

Re: None

Tuesday, 02/12/2008 7:37:31 PM

Tuesday, February 12, 2008 7:37:31 PM

Post# of 249374
What is EEE?

Over the past couple of days I have dug a bit into the EMBASSY Endpoint Enforcerer (EEE) and was in contact with Wave to obtain a better understanding of the technology and the associated business model. Below the result of this undertaking:

The EEE is a bit different than all the other Wave tools. EEE is not really a "hard" product like i.e. the EMBASSY TrustDrive Manager (ETDM).

EEE, today, is an SDK (Software Developer Kit) for building a TNC client. It would reside and execute on the client machine. Whether it gets pushed to the client from the NAC/TNC server or not is probably up to the VPN/TNC/NAC vendor who would choose to implement it in their client software.

EEE provides the libraries and components needed to use the TPM and TSS to perform integrity measurements of the client utilizing the capabilities of the TPM to do hashing, signing, storing, etc.

The measurements could be of the transitive trust chain… bios, drivers, trust client, VPN client, OS, applications, etc. or the measurements could be of any executable or file, or hardware configuration of the devices. These integrity measurements performed by EEE would be provided in a TNC format which can then be sent to the TNC/NAC server which provides a policy enforcement point for determining whether the supplied integrity measurements are correct and adequate for allowing access to the network, a resource, or other protected items controlled by the server.

MS Server 2008 will support the TNC defined protocols and processes, including those client measurements performed by EEE

EEE is not a product component which is included with ETS today. It is being ‘sold’ or offered to NAC vendors and others for integration into their own clients.

Wave has demonstrated some interesting applications of EEE for our its own products. At N+I in May, Wave demonstrated using EEE to measure the pre-boot OS used in the Seagate FDE drive to make sure that no one had tampered with the code.

Wave also showed measuring and reporting the fact that an FDE drive was in the client machine and that the security settings were set "on". These kinds of measurements could be used for assuring compliance in the event that a drive or laptop is stolen, or for high value/sensitive applications, the measurements could be used to make sure that the client machine could be trusted before sending files or allowing transactions to a server, for instance.

So "endpoint integrity" with EEE is not necessarily a driver to force PC OEMs to enter into a bundling agreement with Wave for the client side. The PC client only needs an activated TPM for EEE to function.

EEE, as a trusted service, is aimed more at getting NAC vendors to be able to turn on and use the TPM, so that Wave can sell the TPM related infrastructure and tools.
Public Reply Private Reply New Post
Keep Last Read
Replies (3) Keep Last Read Next 10 Report Keyboard Shortcuts
Replies (3) Next 10 Prev Next
Join InvestorsHub

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up