Home > Ask the Security Experts > Network Security Questions & Answers > Should an ISP keep corrupted machines off of a network?
Ask The Security Expert: Questions & Answers
EMAIL THIS

Should an ISP keep corrupted machines off of a network?

Mike Chapple, featured expert EXPERT RESPONSE FROM: Mike Chapple, featured expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 19 February 2008
What role should ISPs have in identifying or addressing corrupted machines on a network? Should they block and quarantine them?

>
This is more of a good citizenship question than a technical question, so I suppose the answer is "it depends." I don't believe that Internet service providers (ISPs) have a legal responsibility to block and/or quarantine infected systems, but there are plenty of compelling reasons for them to take some action.

First, it's the neighborly thing to do. Blocking infected systems reduces the spread of malicious software on the Internet. Second, with fewer machines flooding the network with their wares, it conserves bandwidth, reducing costs for the ISP.

So why don't many ISPs do this? Quite simply, it can make customers angry. Many ISP customers expect unfettered access to the Internet, and they are not willing to tolerate "false positive" alerts that cause the temporary blocking of their systems while the matter is resolved.
There is a decent compromise that many ISPs adopt: notifying the owners of infected systems that they have security issue(s) on their network that require remediation. I would recommend this approach because it constitutes due diligence on the part of the ISP by informing the customer of the discovery without risking the client relationship due to an accidental disconnect.

More information:
  • IT pros still have an interest in network access control (NAC) technology. But as Neil Roiter explains, the cost and complexity of NAC means the road to adoption will not be quick.
  • Learn more about the basics of network access control.


    • BROWSE BY TAG
    Network Security,   DMZ Setup and Configuration,   NAC and Endpoint Security Management,   Enterprise Network Security,   Network Access Control Basics,   Secure Remote Access,   VIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



    RELATED CONTENT
    Network Security
    How to set up a split-tunnel VPN in Windows Vista
    What is the difference between static and dynamic network validation?
    Port scan attack prevention best practices
    Securing the intranet with remote access VPN security
    How to prevent network sniffing and eavesdropping
    How to implement virtual firewalls in a complex network infrastructure
    How to manage network bandwidth with distributed ISP bandwidth
    How to edit group policy objects to give a user local admin rights
    How to prevent operating system cloning with AES 256-bit encryption
    How to securely connect a LAN POS to a remote point-of-sale device

    DMZ Setup and Configuration
    Endpoint protection best practices manual: Combating issues, problems
    How to set up a DMZ
    How to configure firewall ports for webmail system implementation
    When should a database application be placed in a DMZ?
    How will many firewalls serving as the default gateway affect the DMZ?
    Should a domain controller be placed within the DMZ?
    If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?
    A security checklist: How to build a solid DMZ
    Server considerations for internal network application setup
    How is internal mail channeled through an enterprise firewall?

    Network Access Control Basics
    Security vendors can learn from ConSentry Networks demise
    Best Network Access Control Products
    Perimeter defense in the era of the perimeterless network
    Network access control technology: Over-hyped or underused?
    Symantec offers endpoint protection management, monitoring services
    Configuring access control lists
    What is the difference between a VPN and remote control?
    Quiz: Endpoint security on a budget
    Opinion: Gartner gets NAC wrong, again
    What security software should be installed on Internet café computers?

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    DMZ  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts