[unisog] Server based scan for student computers

Fred Portnoy fportnoy at mail.plymouth.edu
Fri May 13 17:36:45 GMT 2005


Checking for AV products and current DAT files and Windows updates is one
phase. Actually checking for current viruses is another phase. How you
choose to quarantine those who fail one or another part of the test is a
third phase. The presence of Windows Firewall is a complicating factor. I've
heard of an open-source thing called PacketFence although I haven't had a
chance to personally analyze it. Do you already have a
registration/authentication system in place? Because many available systems
also do that. Others can work in conjunction with what you're already using.
Cisco Clean Access is worth a look, as is Bradford, which operates somewhat
differently. We're getting ready to roll out a product called EPO from
McAfee to determine the Windows upgrade status and the McAfee AV status. It
can report on windows, and it can actually force the update of the AV. For
'guests' who are not regular campus residents, we're rolling out the Sygate
On Demand Agent ..... which is to work in conjunction with the Nortel Shasta
authentication server/gateway, which already handles those chores for our
residential and wireless networks.

-f

-----Original Message-----
From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org]
On Behalf Of Andy Druda
Sent: Friday, May 13, 2005 12:59 PM
To: UNIversity Security Operations Group
Subject: [unisog] Server based scan for student computers

We are looking to setup a browser-based (at least the entry point) system
which new student's computers will be directed to until they are registered.
We want to check for anti-virus software, updates for such, presence of:
viruses, current patches and other security problems.

We would rather not have the expense of a commercial product but we are not
even sure what some of the commercial products actually do so they may even
be worth some cost.

Once certified as safe the student will then be led to a registration system
which will place them in the normal resnet VLAN.

Can some of you who do this tell me what your using?

Thanks,


Andy




--
Andy Druda
Director of Campus Technology
Wagner College
Staten Island, New York
718 390 3204

_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog



More information about the unisog mailing list