Educause Security Discussion mailing list archives
Re: Policy regarding Network Access/Admission Control (NAC)
From: Cathy Hubbs <hubbs () AMERICAN EDU>
Date: Wed, 15 Jul 2009 17:29:24 -0400
At American University we use NAC for our wired, wireless, and VPN connections. We accomplished this by educating our users that everyone needs to be healthy to have a healthy network and using the phrase Network Health Check, it didn't hurt that our timing of introducing the NAC solution was during the days of big bad virulent worm infections. That phrase and language (not the technology name) was embedded into a University level Policy. See excerpt below: Network ?Health Check? All computers connected to the AU network are required to undergo an automated evaluation to determine if certain software settings and applications are correctly installed and operational. As a result of this evaluation, the user may be required to install new software or reconfigure existing software before unlimited network access is granted. Access to Internet resources needed to accomplish any required upgrades will be permitted. The university will not access or modify software or information stored on personally owned equipment without permission of the owner? however, access to the AU network may be denied or limited unless these policies are complied with fully. We also have more general user information on our website at http://www.american.edu/oit/network/CCA.cfm Hope this helps some. Cathy Hubbs, CISSP, CISA, CGEIT Chief Information Security Officer Office of Information Technology American University "King, Ronald A." <raking () NSU EDU> Sent by: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> 07/15/2009 01:28 PM Please respond to The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> To SECURITY () LISTSERV EDUCAUSE EDU cc Subject Re: [SECURITY] Policy regarding Network Access/Admission Control (NAC) As would I. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Fax: 757-823-2128 Email: raking () nsu edu http://security.nsu.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Calvin Krzywiec Sent: Wednesday, July 15, 2009 1:30 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Policy regarding Network Access/Admission Control (NAC) I would be interested in this as well if anyone has anything. -- Cal A. Krzywiec Network Engineer The University of Scranton Phone: (570) 941-6748 Email: krzywiecc2 () scranton edu Brad Miller wrote:
Does anyone have a policy/standard regarding or including the use or
implementation of a NAC device?
Thanks, ~Brad Brad Miller IT Security Officer Information Technology Systems and Services University of North Dakota (701) 777-3587 http://itsecurity.und.edu
Current thread:
- Policy regarding Network Access/Admission Control (NAC) Brad Miller (Jul 15)
- <Possible follow-ups>
- Re: Policy regarding Network Access/Admission Control (NAC) Calvin Krzywiec (Jul 15)
- Re: Policy regarding Network Access/Admission Control (NAC) King, Ronald A. (Jul 15)
- Re: Policy regarding Network Access/Admission Control (NAC) Cathy Hubbs (Jul 15)