Security Basics mailing list archives

Re: NAC Question

From: avghacker () gmail com
Date: Tue, 24 Mar 2009 16:49:02 +0000

Well we have the downadup worm floating around our network and are slowly trying to deal with it.  Our environment has 
a lot of users who are local admins so they basically are allowed to download anything here and at home.  I wanted a 
way to keep them off the network unless they have patches and an AV solution.  Many users only pull out their laptops 
every couple of weeks so obviously the update server isn't reaching them.

Side note: already have and ids in place
------Original Message------
From: exzactly
To: avghacker () gmail com
To: security-basics () securityfocus com
Subject: Re: NAC Question
Sent: Mar 24, 2009 12:34 PM

Are you sure NAC is the way to go for your issue? An IPS may be a better 
option to keep the spread of Malware down. NAC can be expensive, messy to 
implement and time consuming, it has it's place but I don't know if your 
requirements would warrant it. Can you add a little more information to your 
issue?

--------------------------------------------------
From: <avghacker () gmail com>
Sent: Friday, March 20, 2009 4:39 AM
To: <security-basics () securityfocus com>
Subject: NAC Question

Hey all was wondering if anyone had any experience with deploying or 
maintaining a NAC?  I'm looking for recommendations, advice, gotchas, 
etc...

Having some serious malware issues in a place that doesn't have patch 
management and I'm looking to turn to a NAC to help bring the network 
under control.....advice?

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec 
Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) exercises, 
Certified Ethical Hacker and Certified Penetration Tester exams, taught by 
an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------



Sent from my Verizon Wireless BlackBerry

Current thread:

NAC Question avghacker (Mar 24)
- Re: NAC Question exzactly (Mar 24)
- <Possible follow-ups>
- Re: NAC Question avghacker (Mar 24)
  - Re: NAC Question Jason (Mar 25)
  - Re: NAC Question badz (Mar 25)
  - Re: NAC Question Noah . Lance (Mar 25)
- Re: NAC Question ushacker20002001 (Mar 25)
- Re: Re: NAC Question chmod1777 (Mar 25)