[prev in list] [next in list] [prev in thread] [next in thread]
List: security-basics
Subject: RES: NAC solutions
From: Alexandre Fernandes <alexandre.fernandes () lasa ! com ! br>
Date: 2011-08-03 17:57:59
Message-ID: 914293C3333A084F85B6E081441431F301E2C725E74A () SPEXMS ! la ! ad ! b2w
[Download RAW message or body]
Do you have any options.... About Cisco, take a look: \
http://www.cisco.com/en/US/products/ps6128/index.html and another option is BIG-IP \
(http://www.f5.com/pdf/white-papers/simplify-application-access-wp.pdf ) I hope that \
help.
________________________________________
De: listbounce@securityfocus.com [listbounce@securityfocus.com] em Nome de Nick \
Schroedl [NSchroedl@mullen-group.com]
Enviado: quarta-feira, 3 de agosto de 2011 13:07
Para: 'James Jelinek'; security-basics@securityfocus.com
Assunto: RE: NAC solutions
It was a while back when we purchased it, I just remember that it was one of
the more expensive systems we looked at. However we built ours with full
redundancy at a separate data center which doubled the cost. We have around
1500 systems across North America and we use Bradford to do on the fly
dynamic vlans. So basically if we don't trust a system based on our
policies the Bradford system will auto log into the switch via ssh and enter
the command to switch the port to either a "black hole" VLan or our
"internet only" VLan which still goes through our proxy system. We are
mostly Cisco and HP switches and we have not run into an issue except with
older Cisco gear that just needed an update.
Bradford Sales is very helpful, and they are a great company to work with.
I would recommend with starting at their website and arranging a web
conference to get more info straight from them.
Nick
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of James Jelinek
Sent: Wednesday, August 03, 2011 9:56 AM
To: security-basics@securityfocus.com
Subject: RE: NAC solutions
We're in a similar position as Andi. Looking for a NAC/IDS solution for our
network of 100 workstations, 7 subnets (long story), and multiple ACL
nightmares. I'm looking into Packetfence as well since it will supposedly
work with the HP Procurve switches we have. It will only shut ports with
these switches, it won't do any layer-3 blackholing/etc.
Definitely worth a look.
I'd like to check out Bradford, what is the average cost? Or is that an
arbitrary question?
-James
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Nick Schroedl
Sent: Wednesday, August 03, 2011 10:42 AM
To: 'Morris, Andi'; security-basics@securityfocus.com
Subject: RE: NAC solutions
We have the Bradford Networks solution running and it is SLICK! Control
right down to the switch level and not dependent on MAC addresses. The
system its self will work on wireless, and wired, and will work with pretty
much any managed switch. Downside is it is a tad bit pricy. You will have
to have a fairly large network to justify the cost.
Nick
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On
Behalf Of Morris, Andi
Sent: Wednesday, August 03, 2011 2:45 AM
To: security-basics@securityfocus.com
Subject: NAC solutions
I'm about to do some investigating in to NAC solutions for our network.
Is
there a good list of solutions with pros and cons around? The main one that
is grabbing my eye at the moment is PacketFence due to the open source
nature and seemingly large flexibility of the product.
I'm looking at a network integrated solution, rather than one that would
need endpoint client installation, and it would need to work seamlessly with
our Cisco infrastructure.
Cheers,
Andi
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate. We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f7
27
d1
------------------------------------------------------------------------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate. We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL \
certificate. We look at how SSL works, how it benefits your company and how your \
customers can tell if a site is secure. You will find out how to test, purchase, \
install and use a thawte Digital Certificate on your Apache web server. Throughout, \
best practices for set-up are highlighted to help you ensure efficient ongoing \
management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic