Re: NAC devices - opinions sought

[Jeff Murphy <jcmurphy () BUFFALO EDU>]

 David Boyer wrote:

> Anyone familiar with Ciscos Network Admission Control (formerly Cisco
> Clean Access, formerly Perfigo), Juniper Infranet, Symantec Network
> Access Control or similar software/appliances?
>
> Like many schools, we have a 1:1 ration of computers to students. We'd
> like to avoid letting vulnerable or malware-infected systems onto our
> network while simultaneously addressing the infection or
> vulnerability. Almost all of our systems are running Windows XP or
> Windows 2000.
>
> I'd be interested in hearing about your experiences with these or
> similar solutions. Any open-source solutions that you know of?


 Opensource:

 Packetfence www.packetfence.org
 NetPass netpass.sf.net
 FreeNAC www.freenac.net



 We use NetPass to control an 8000+ user resnet. It's been in place for
 2-3 years or so and works fine. Some features are: load-balanced HA,
 config'd entirely thru webui, day to day management of the system can be
 delegated out, api for automated control so other automatic processes
 can quarantine users (snort, etc). Primarily our helpdesk folks interact
 with the system and the network group rarely has to touch it.

 jeff