RE: NAC solutions?

["Chinnery, Paul" <PaulC () mmcwm com>]

We are in the process of setting up a NAC from AEP.  We're a small, rural hospital but we do have auditors (clinical 
and non-clinical) who come on site and bring their own laptops.  Due to HIPAA regulations (and just plain common sense) 
we decided to protect certain ports (such as conference rooms, classrooms).

The device has been configured and we are now in the testing stage.  My first impression is that setting up a NAC is 
going to be as painful as setting up an IDS; lots of fine-tuning until you get it down to where you want it.

Paul Chinnery
Network Administrator
Memorial Medical Center

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]On Behalf Of Gibbs, Jason
Sent: Wednesday, August 29, 2007 5:14 PM
To: security-basics () securityfocus com
Subject: NAC solutions?


Hey all, I was wondering if anyone has delved into the NAC realm. I have seen demos of various NAC products from 
Mirage, Insightx, ForeScout. Etc. and they seem great for internal protection if they indeed work as good as they say J
I am looking for an out of band clientless solution. We already have Cisco 802.1x capable devices. 
So basically has anyone implemented a NAC solution or are you in the planning phase for a NAC solution. Endpoint 
security is my main concern for our 2008 budget.
TIA,

Jason