Educause Security Discussion mailing list archives

Re: Replacing NetReg with ?

From: "Pardonek, Jim" <jpardonek () LUC EDU>
Date: Wed, 19 Feb 2014 17:46:07 +0000

We use Bradford with the dissolving agent.  The problem with a dissolving agent is that it only executes at 
registration time so if you don't reregister clients regularly, you end up with a climbing rate of malware and viruses 
because in practice, once the student remediates at the start of semester, they do nothing after that.

Jim


James Pardonek, MS, CISSP, CEH
Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Hall, 
Rand
Sent: Wednesday, February 19, 2014 11:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Replacing NetReg with ?

[SafeConnect] seemed a little intrusive on clients as it required an always
installed agent on computers. The Bradford solution allowed for a
"dissolvable" agent that installed, ran, and uninstalled.


SafeConnect only requires the agent if you want posture assessment. I would imagine those wanting posture assessment 
don't usually want just point-in-time posture assessment but continuous assessment. For example, if you get pwned (and, 
say, your AV process is terminated) a persistent client can stick you in remediation land in seconds.


Rand

Rand P. Hall
Director, Network Services                 askIT!
Merrimack College
978-837-3532
rand.hall () merrimack edu<mailto:rand.hall () merrimack edu>

If I had an hour to save the world, I would spend 59 minutes defining the problem and one minute finding solutions. - 
Einstein

On Wed, Feb 19, 2014 at 10:52 AM, Thomas Carter <tcarter () austincollege edu<mailto:tcarter () austincollege edu>> 
wrote:
We had a Bradford Networks device that managed both wired and wireless. It could do a number of nice things like pull 
AD attributes to determine the VLAN assignment. It also gave decent security as it controlled items at a port level and 
ports were set to default to a dead-end network to prevent spreading malware. Unfortunately the device was slow and 
cumbersome to use; it caused headaches at the beginning of every year as the rush of new students registering devices 
causes issues. Things came to a head when we had a failure and I was unsatisfied with Bradford's response, so we began 
looking elsewhere.

We looked at SafeConnect, but, if I remember correctly, it more manages the outgoing Internet traffic and doesn't 
really manage at a port level. It seemed a little intrusive on clients as it required an always installed agent on 
computers. The Bradford solution allowed for a "dissolvable" agent that installed, ran, and uninstalled.

We ended up rolling out Packetfence. While not quite as full-featured as Bradford, but it's free, faster than Bradford, 
and is virtualized to give some measure of redundancy. We've been using it for a year now and it has been what we were 
looking for. YMMV.

Thomas Carter
Network and Operations Manager
Austin College
903-813-2564<tel:903-813-2564>
[AusColl_Logo_Email]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>] On Behalf Of Jeffrey Sabin
Sent: Wednesday, February 19, 2014 9:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Replacing NetReg with ?

Hello everyone - We are looking to replace our old, highly customized NetReg environment with something more modern and 
secure. We've looked at the Safe Connect product for example.

Has anyone else undertaken a similar endeavor and how did it go? If you are not using NetReg today, what are you using?

Just beginning to whittle down our options so any experience tales or advice would be most appreciated.

Many thanks!

Jeff

Jeffrey D. Sabin
INFORMATION SECURITY OFFICER/HEAD OF, INFRASTRUCTURE & SECURITY SERVICES

Dial Center
2507 University Avenue    Des Moines, Iowa 50311-4505
Tel  515.271.2935<tel:515.271.2935>
Fax 515.271.1938<tel:515.271.1938>
1.800.44.DRAKE x2935
E-mail jeff.sabin () drake edu<mailto:jeff.sabin () drake edu>

Current thread:

Re: Replacing NetReg with ?, (continued)
- - - Re: Replacing NetReg with ? Kevin Moll (Feb 19)
    - Re: Replacing NetReg with ? Dan Oachs (Feb 19)
    - Re: Replacing NetReg with ? Guy Almes (Feb 19)
    - Re: Replacing NetReg with ? Mark Boolootian (Feb 19)
    - Re: Replacing NetReg with ? Ryan Skelton (Feb 19)
    - Re: Replacing NetReg with ? Michael Sinatra (Feb 19)
  - Re: Replacing NetReg with ? Ben Parker (Feb 19)
- Re: Replacing NetReg with ? Roger A Safian (Feb 19)
- Re: Replacing NetReg with ? Thomas Carter (Feb 19)
  - Re: Replacing NetReg with ? Hall, Rand (Feb 19)
    - Re: Replacing NetReg with ? Pardonek, Jim (Feb 19)
- Re: Replacing NetReg with ? Hanson, Mike (Feb 19)
- Re: Replacing NetReg with ? Entwistle, Bruce (Feb 19)
- Re: Replacing NetReg with ? Keller, Alex (Feb 19)
  - Re: Replacing NetReg with ? Barros, Jacob (Feb 19)
    - Re: Replacing NetReg with ? Jeff Kell (Feb 19)
  - Re: Replacing NetReg with ? Hall, Rand (Feb 20)
    - Re: Replacing NetReg with ? Keller, Alex (Feb 20)
- Re: Replacing NetReg with ? Barros, Jacob (Feb 19)
- Re: Replacing NetReg with ? Joe St Sauver (Feb 19)