[unisog] unisog Digest, Vol 20, Issue 16

Seth Shestack shestack at temple.edu
Sat Nov 19 13:37:53 GMT 2005


This past fall we began a NAC implementation for all of our 
residence hall networks.
As part of our return to school "net registration process" 
we implemented distribution of a NAC agent along with our 
anti-virus solution.
This was an evolution of our previous process to add NAC.

We assembled a project team, which I ran, and investigated 
many products including: Bradford, Cisco 
(perfigo),Sygate,Checkpoint, and a few others.

We chose the Sygate solution for several reasons including 
802.1x integration with our infrastructure ( future- as part 
of network refresh), as well as a quarantine architecture we 
could implement immediately while our switch upgrade is 
underway.

This solution has been positive for us
Based on institution size, infrastructure, and configuration 
our solution may not be the best for everyone.
I personally recommend NAC as a solution to many problems 
faced in todays university environment.

I can share the methodology we used to match the solution 
best for us, rather than recommend any product ( they were 
very close ), I would recommend you do an evaluation to 
determine best fit with your needs.

BTW I will be presenting a session at the Educause regional 
conference in Baltimore, along with the project manager for 
the development portion of this project.We developed an 
in house application to process the net registration process 
and deploy all required agents and applications to the 
student desktops. 

Seth
---- Original message ----
>Hi
>
>We're in the process of researching our options as far as 
Network Access
>systems go. Specifically, products like Bradford Campus 
Manager,
>StillSecure, Sygate, Cisco CleanAccess (although we're not 
a cisco shop, so
>probably not) or other varations.
>
>We're looking for a system that can clean/scrub/quarantine 
bad machines and
>do such a check on a regular basis. If it could be coupled 
with some form of
>authentication, that would be bonus.
Seth Shestack, CISSP
Network Security Manager
Temple University Computer Services
Phone 215-204-5884
e-mail shestack at temple.edu


More information about the unisog mailing list