Educause Security Discussion mailing list archives

Re: Cisco Clean Access & Impulse Point...

From: "WILLIAM I. ARNOLD" <WARNOLD () UT EDU>
Date: Wed, 20 Jul 2005 09:58:25 -0400

We here at the University of Tampa have been using Impulse for about 9
months. We are very pleased with the product. We are using version 1.5 and
are going this fall to version 2. We have about 1,000 students currently
utilizing the system and plan to bring the last 1,000 students on line in
September. We justified this as the result of Blaster and other viruses that
took down our residence network. We were also shutting off port by port for
offenders. We have not had to shut down any ports since implementation. If
anyone needs further info please contact off list. I will be happy to share
our good and bad times.
William I. Arnold IV
Network Security Engineer
The University of Tampa
813-253-6284
warnold () ut edu

-----Original Message-----
From: Chad McDonald [mailto:chad.mcdonald () GCSU EDU]
Sent: Tuesday, July 19, 2005 4:20 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cisco Clean Access & Impulse Point...


I don't think that I am supposed to comment on specific pricing that we
received, suffice it to say that I would recommend speaking with Impluse
about pricing.  They make a very attractive offer.  Jenny Ireland is our
rep.  I believe that her contact info was posted earlier in this thread,
otherwise feel free to contact me offline and I will give you that info.


Thanks,
Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
478.445.4473  Office
478.454.8250 Cell
478.445.1202 Fax

-----Original Message-----
From: Doug Sandford [mailto:dsandfor () SEEBECK UA EDU]
Sent: Tuesday, July 19, 2005 3:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cisco Clean Access & Impulse Point...

I certainly appreciate the importance of the product and the functionality.
What I'm curious about is how schools with 25k + users justified the cost?
Educational price breaks aside, it still sounds like a chunk of money....any
comments?

Forwarded by:           dsandfor () seebeck ua edu
Forwarded to:           doug () bama ua edu
Date forwarded:         Tue, 19 Jul 2005 8:51:29 -0500
Date sent:              Tue, 19 Jul 2005 09:49:53 -0400
Send reply to:          The EDUCAUSE Security Discussion Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU>
From:                   "Gibbs, Aaron M." <AMGibbs () ST-AUG EDU>
Subject:                Re: [SECURITY] Cisco Clean Access & Impulse Point...
To:                     SECURITY () LISTSERV EDUCAUSE EDU

Impulse Point pricing is based on the number of users.

$27,500 for < 1000 users and $32,000 for < 2500. Annual maintenance charges
are 20% of the original purchase cost.

Aaron M Gibbs
Interim Vice President/CIO
Center for Information Technology
St. Augustine's College
919-516-4379 (Office)
919-516-4382 (Fax)
amgibbs () st-aug edu
www.st-aug.edu

-----Original Message-----
From: Schmitt, Dianne [mailto:dschmitt () JJC EDU]
Sent: Friday, July 15, 2005 5:43 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cisco Clean Access & Impulse Point...



What pricing do they offer, better than Clean Access?



Dianne Schmitt



Assoc VP Information Technology

Joliet Junior College

1215 Houbolt Rd.

Joliet, IL 60431-8938



Phone:  815.280.6641

Fax:  815.280.2668


  _____


From: Gibbs, Aaron M. [mailto:AMGibbs () ST-AUG EDU]
Sent: Thursday, July 14, 2005 4:49 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cisco Clean Access & Impulse Point...



We're looking at implementing Impulses device. We looked at the Bradford
Campus Manager, which has great functionality. However, Impulse Point also
has great functionality that is similar to the Campus Manager coupled with a
good price point. I'd be interested also in knowing others experiences with
Impulse Point.



Aaron M Gibbs
Interim Vice President/CIO
Center for Information Technology
St. Augustine's College
919-516-4379 (Office)
919-516-4382 (Fax)
amgibbs () st-aug edu
www.st-aug.edu

-----Original Message-----
From: Michael Cole [mailto:mcole () CLARKU EDU]
Sent: Thursday, July 14, 2005 3:58 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Cisco Clean Access & Impulse Point...

FYI for the list:



    We've been using a product called Campus Manager to the past few years
from Bradford networks, www.bradfordnetworks.com  they're a small start up
in NH but they've been growing and have an awesome product that sits off
line and is very flexible in what it can do based on what you want/need.  It
does both network registration and remediation/quarantine functions.  It's
worth looking into if your looking for a solution.  We've been very happy
with it.



Mike



Michael A. Cole
Network Engineer, Information Technology Services Clark University,
Worcester MA  01610 508.793.7772 Mcole () clarku edu

-----Original Message-----
From: Mark Staples [mailto:mstaples () MAIL MCG EDU]
Sent: Thursday, July 14, 2005 3:41 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Cisco Clean Access & Impulse Point...

Anyone pilot both CCA and Impulse Point ( http://www.impulse.com/)?  Impulse
Point was designed for higher ed and is priced very attractively.  So far,
we've only seen presentations and nothing live.

Any feedback would be great.



Mark



-----
Mark Staples
Director of Information Security/Chief Information Security Officer IT
Research Liaison Medical College of Georgia
Office: 706-721-1577
mstaples () mcg edu



--------



All information in the communication, including attachments, is strictly
confidential and intended solely for delivery to the addressee(s) identified
above (ie, To/cc/bc), and may contain privileged, confidential, proprietary
and /or intellectual property entitled to protection from disclosure under
applicable law.  If you are not the intended recipient, please take note
that any use, distribution or copying of this communication is unauthorized
and may be unlawful.  If you have received this communicatierror, please
notify the sender, delete this correspondence from your computer, and
destroy any printed copies of this communication.

franklin () TXSTATE EDU 07/14/05 3:13 PM >>>


This is a response from our network lead who implemented CCA a month or so
ago:

I got tired of trying to keep up with the IP's used for windows update.
Using the host names is much better, but even then it's a moving target.
Microsoft sometimes adds new sub domains and in the latest version of the
update page it's a url under microsoft.com.

We are allowing traffic to everything ending in microsoft.com and g.msn.com.
That way the updates always work (so far) and students can search for and
download patches manually. There are cases when windows update claims that a
machine is fully patched but it is still missing something. The helpdesk can
tell what's missing from the reports and the student can search for KBxxxx
and download and install it manually.

Anders Engle
Systems Programmer I
Texas State University

-----Original Message-----
From: Flagg, Martin D. [ mailto:FlaggMD () HIRAM EDU]
<mailto:FlaggMD () HIRAM EDU%5d>
Sent: Thursday, July 14, 2005 1:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Windows Updates and Cisco Clean Access


We are implementing Cisco Clean Access (formally Perfigo).  It has gone
really well but we keep coming up with problems with Windows Update, it
fails because CCA is blocking the IP.  When this happens, I use a sniffer
and add the new IP address that Microsoft is using and then it works, until
they change address's again.  Cisco says use the Host setting allowing
requests that end in "update.microsoft.com".  This does not always work.

I am really at a loss because it works for 95% of the machines but I can not
afford to have 5% of the students in my office when they get back from the
summer.

Any Ideas?

Martin Flagg
Hiram College


Doug Sandford
Information Security Officer
University of Alabama
Seebeck Computer Center
doug () ua edu

This email is intended only for the person to whom it is addressed.  Any
review or other use of this information by persons or entities other than
the intended recipient or any retransmission without the consent of the
sender is prohibited.

Current thread:

Re: Cisco Clean Access & Impulse Point..., (continued)
- Re: Cisco Clean Access & Impulse Point... Schmitt, Dianne (Jul 15)
- Re: Cisco Clean Access & Impulse Point... Dave Koontz (Jul 17)
- Re: Cisco Clean Access & Impulse Point... chad.mcdonald () gcsu edu (Jul 17)
- Re: Cisco Clean Access & Impulse Point... Michael Grinnell (Jul 18)
- Re: Cisco Clean Access & Impulse Point... Atif Azim (atif) (Jul 18)
- Re: Cisco Clean Access & Impulse Point... Gibbs, Aaron M. (Jul 19)
- Re: Cisco Clean Access & Impulse Point... Dave Koontz (Jul 19)
- Re: Cisco Clean Access & Impulse Point... Doug Sandford (Jul 19)
- Re: Cisco Clean Access & Impulse Point... Lee Weers (Jul 19)
- Re: Cisco Clean Access & Impulse Point... Chad McDonald (Jul 19)
- Re: Cisco Clean Access & Impulse Point... WILLIAM I. ARNOLD (Jul 20)
- Re: Cisco Clean Access & Impulse Point... George (Jul 20)
- Re: Cisco Clean Access & Impulse Point... John Stauffacher (Aug 26)