Re: Replacing NetReg with ?

["Hall, Rand" <hallr () MERRIMACK EDU>]

> [SafeConnect] seemed a little intrusive on clients as it required an always
> installed agent on computers. The Bradford solution allowed for a
> "dissolvable" agent that installed, ran, and uninstalled.

SafeConnect only requires the agent if you want posture assessment. I would
imagine those wanting posture assessment don't usually want just
point-in-time posture assessment but continuous assessment. For example, if
you get pwned (and, say, your AV process is terminated) a persistent client
can stick you in remediation land in seconds.


Rand

Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532
rand.hall () merrimack edu

If I had an hour to save the world, I would spend 59 minutes defining the
problem and one minute finding solutions. - Einstein


On Wed, Feb 19, 2014 at 10:52 AM, Thomas Carter
<tcarter () austincollege edu>wrote:

> We had a Bradford Networks device that managed both wired and wireless. It
> could do a number of nice things like pull AD attributes to determine the
> VLAN assignment. It also gave decent security as it controlled items at a
> port level and ports were set to default to a dead-end network to prevent
> spreading malware. Unfortunately the device was slow and cumbersome to use;
> it caused headaches at the beginning of every year as the rush of new
> students registering devices causes issues. Things came to a head when we
> had a failure and I was unsatisfied with Bradford's response, so we began
> looking elsewhere.
>
>
>
> We looked at SafeConnect, but, if I remember correctly, it more manages
> the outgoing Internet traffic and doesn't really manage at a port level. It
> seemed a little intrusive on clients as it required an always installed
> agent on computers. The Bradford solution allowed for a "dissolvable" agent
> that installed, ran, and uninstalled.
>
>
>
> We ended up rolling out Packetfence. While not quite as full-featured as
> Bradford, but it's free, faster than Bradford, and is virtualized to give
> some measure of redundancy. We've been using it for a year now and it has
> been what we were looking for. YMMV.
>
>
>
> Thomas Carter
>
> Network and Operations Manager
>
> Austin College
>
> 903-813-2564
>
> [image: AusColl_Logo_Email]
>
>
>
> *From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
> SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Jeffrey Sabin
> *Sent:* Wednesday, February 19, 2014 9:24 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* [SECURITY] Replacing NetReg with ?
>
>
>
> Hello everyone - We are looking to replace our old, highly customized
> NetReg environment with something more modern and secure. We've looked at
> the Safe Connect product for example.
>
>
>
> Has anyone else undertaken a similar endeavor and how did it go? If you
> are not using NetReg today, what are you using?
>
>
>
> Just beginning to whittle down our options so any experience tales or
> advice would be most appreciated.
>
>
>
> Many thanks!
>
>
>
> Jeff
>
>
>
> *Jeffrey D. Sabin*
>
> INFORMATION SECURITY OFFICER/HEAD OF, INFRASTRUCTURE & SECURITY SERVICES
>
>
>
> Dial Center
>
> 2507 University Avenue    Des Moines, Iowa 50311-4505
>
> Tel  515.271.2935
>
> Fax 515.271.1938
>
> 1.800.44.DRAKE x2935
>
> E-mail jeff.sabin () drake edu