Re: Vulnerability Mitigation

["Scholz, Greg" <gscholz () KEENE EDU>]

We have recently deployed Cisco Clean Access (CCA) for dorms.  For the
most part are very happy with it.  It has had some growing pains but it
really seems Cisco is taking the product seriously as a solution and NOT
joining it at the waist to their other products (although like any other
product there could be benefits if your infrastructure devices are same
vendor).

As for the enterprise, I would still recommend looking into the current
and future of CCA.  It either does or may do soon:
1. Windows pass through authentication
2. real time system compliance checking (not just at logon)
3. ability to check systems of remote users such as over a VPN
4. Better reporting to know "what is going on" not just "what has
happened"


_________________________
Thank you,
Gregory R. Scholz
Lead Network Engineer
Information Technology Group
Keene State College
(603)358-2070

-----Original Message-----
From: Brenda B Gombosky [mailto:brenda.gombosky () LOUISVILLE EDU] 
Sent: Monday, November 14, 2005 9:42 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vulnerability Mitigation

What are most of you using for vulnerability mitigation for operating
system patches and virus protection?  We are looking at CISCO's Clean
Access possibly for the dorms but haven't found anything at the
enterprise level.

Brenda B. Gombosky
Director, Information Technology
University of Louisville
Miller IT Center, Room 109
Louisville, KY 40292
(502)852-5037