Report card on a network based anti-worm defence system

John Morris Nortel

At VB2002, Nortel presented its network-based anti-worm defence system that it used on its internal network. Looking back over the past six years, how did the automated detect and isolate process work? Did it prevent network worms? How did it make out with the arrival of bots? As with any report cards, the results are mixed, but it still made the honour roll.

This paper will review the original design of the system as well as how it evolved to meet new threats. More importantly, it will cover how it reacted to a variety of 'in-the-wild' malware events over the past few years and how this defence model continues to be indispensable in 2008.

 del.icio.us  digg this! digg this

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

Malware Prevalence
Autorun |#######|
Encrypted/Obfuscated |#####|
Heuristic/generic |#####|
Sality |####|
Zbot |####|
 View this month's full report

Virus Bulletin currently has 224,240 registered users.