Security Basics mailing list archives
Re: NAC Question
From: Micheal Cottingham <techie.micheal () gmail com>
Date: Tue, 28 Apr 2009 19:49:53 -0400
I agree that NAC is a good approach to this problem, and probably something you want to look into implementing in the future, but what about a slightly less expensive solution for the time being while you whittle things down? I can see this being a two-pronged approach.

First, set up something similar to ICARUS (http://uf.freeculture.org/wiki/ICARUS) and do a blackhole VLAN. If you have the right equipment, you can do this for nothing on your existing infrastructure.

The second step would be to have social enforcement instead of technical enforcement, through having your laptop users come to you every time they go offsite and come back: they go to the helpdesk, get an AV scan, spyware scan, etc. and run updates. This way you can hopefully limit the amount of unwanted traffic on your network and get cleaned up. While it does impose some problems on the helpdesk, especially when the changes are first implemented, it will help tremendously with getting cleaned up and hopefully teaching your users that the company laptop belongs to the company. ;)

As far as IPS instead of NAC, while I am an avid supporter of IPS, IPSs can be as expensive as, if not more so than, NAC. I've seen lower-end IPS models run about 20k and go up as high as 100k and more, not counting support contracts.