Home page logo
/

basics logo Security Basics mailing list archives

RE: NAC Question
From: "juan | ToBe Security" <juan_babi () hotmail com>
Date: Sat, 28 Mar 2009 19:27:13 -0300

You can implement nac with an ips so in case that the ips detects a virus
worm etc its talk to the switch and the switch configures the port in a
quarntine vlan etc, check the products of enterasys they do that. The
probelem is that its not cheep.

With nac you can get what is called Fw per port. And it's a modulaer
solution.

Cheers

Juan Baby. 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Jason
Sent: Tuesday, March 24, 2009 4:38 PM
To: avghacker () gmail com
Cc: security-basics () securityfocus com
Subject: Re: NAC Question

That does sound like something the NAC can help with. The NAC does let you
pick and choose what features you want to implement. I have not personally
done a NAC install but I do work for a company that does a fair number of
them. I am not sure if NAC will help you purge an existing virus problem.
The NAC is a technical means of enforcing policy that is typically written
into AUP's but is difficult to enforce, especially for home users with VPN
access or laptop users with local admin control.

avghacker () gmail com wrote:
Well we have the downadup worm floating around our network and are slowly
trying to deal with it.  Our environment has a lot of users who are local
admins so they basically are allowed to download anything here and at home.
I wanted a way to keep them off the network unless they have patches and an
AV solution.  Many users only pull out their laptops every couple of weeks
so obviously the update server isn't reaching them.

Side note: already have and ids in place ------Original Message------
From: exzactly
To: avghacker () gmail com
To: security-basics () securityfocus com
Subject: Re: NAC Question
Sent: Mar 24, 2009 12:34 PM

Are you sure NAC is the way to go for your issue? An IPS may be a 
better option to keep the spread of Malware down. NAC can be 
expensive, messy to implement and time consuming, it has it's place 
but I don't know if your requirements would warrant it. Can you add a 
little more information to your issue?

--------------------------------------------------
From: <avghacker () gmail com>
Sent: Friday, March 20, 2009 4:39 AM
To: <security-basics () securityfocus com>
Subject: NAC Question

  
Hey all was wondering if anyone had any experience with deploying or 
maintaining a NAC?  I'm looking for recommendations, advice, gotchas, 
etc...

Having some serious malware issues in a place that doesn't have patch 
management and I'm looking to turn to a NAC to help bring the network 
under control.....advice?

---------------------------------------------------------------------
--- This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec 
Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) 
exercises, Certified Ethical Hacker and Certified Penetration Tester 
exams, taught by an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
---------------------------------------------------------------------
---


    


Sent from my Verizon Wireless BlackBerry


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec
Institute's Ethical Hacking class. 
Totally hands-on course with evening Capture The Flag (CTF) exercises,
Certified Ethical Hacker and Certified Penetration Tester exams, taught by
an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online information security 
courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total 
hands-on training experience. Get the certs you need: CEH, CPT, CEPT, CISA, CISSP, CISM

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]