[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    Re: Rogue devices on network
From:       Rob Bergin <rbergin () gmail ! com>
Date:       2004-11-24 17:41:01
Message-ID: 1fe06f0004112409413349a702 () mail ! gmail ! com
[Download RAW message or body]

Hi John,

Cisco's CSA is a great potential solution unfortunately it tends to be
oriented toward Cisco technology (supplicant, authenticators and
authentication server).

802.1x was written so that it should be vendor independent - use it
with Nortel/Cisco/Enterasys and all compliant clients (Linux,
Microsoft, Macintosh, etc).

But keep your eyes on Cisco's CSA and Enterasys's Trusted stuff -
thats going to the wave of the future for device access methods and
for controlling what's on the devices.

Thanks,

Rob



On Tue, 23 Nov 2004 14:22:03 -0500, Aragona, John (TD & DS,
Application Infrastructure Svcs.) <john_aragona@ml.com> wrote:
> Hi Rob,
> 
> Although not exactly a tool so to speak, you may want to check out a
> Cisco solution called CSA (Cisco Security Agent)
> 
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080
> 34607c.shtml
> 
> Regards,
> 
> -j
> 
> John Aragona
> Merrill Lynch
> Consultant
> 
> 
> 
> 
> -----Original Message-----
> From: Dunn, Rob [mailto:RDunn@KERRYGROUP.com]
> Sent: Tuesday, November 23, 2004 1:18 PM
> To: Patch Management Mailing List
> Subject: Rogue devices on network
> 
> Does anyone have any tools that can help isolate and identify rogue
> devices
> on the network?  For example, we'd like to prevent people from bringing
> in
> their home laptops (unpatched, I might add), and plugging in the
> network.  I
> don't want to get into letting people on via their MAC address, or
> anything
> like that (although that would be -quite- effective).
> 
> Here's the problem:   We've had situations where new scanner/copier
> network
> server devices are installed without our knowledge at some remote plant
> -
> then, in some cases, the device gets infected with a worm, and we can't
> manage it because we weren't made aware of the device in the first
> place.
> 
> Anyone have any ideas how to keep up with what's going on out there?
> 
> Thank you everyone...
> 
> *****Rob Dunn
> Information Systems
> Kerry Ingredients North America
> http://uphold2001.brinkster.net/vbshf/forum
> 
> ---
> To unsubscribe send a blank email to
> leave-patchmanagement@patchmanagement.org 
> --------------------------------------------------------
> 
> If you are not an intended recipient of this e-mail, please notify the sender, \
> delete it and do not read, act upon, print, disclose, copy, retain or redistribute \
> it. Click here for important additional terms relating to this e-mail.     \
>                 http://www.ml.com/email_terms/
> --------------------------------------------------------
> 
> 
> 
> 
> ---
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> 

---
To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org


[prev in list] [next in list] [prev in thread] [next in thread]