NAC
Alan DeKok
aland at deployingradius.com
Fri Jul 13 14:19:19 CEST 2007
Phil Mayers wrote:
> I haven't been following the NEA so their work might be rubbish,
<cough> Absolutely NOT. *Never*. It will solve _all_ the problems
of NAC.
> but the
> untrusted client-side nature of the software does not make it
> intrinsically worthless - the reason being that for someone to trick out
> the software, they have to EXPLICITLY install and configure some other
> software, which is a clear AUP violation and when detected (a system
> asserts it is patched gets hacked) can be dealt with at the appropriate
> level of severity with the organisations administrative (not technical)
> group.
NAC is largely trying to solve a problem that is 3-4 steps away from
the current administrator's work.
1) What's on my network -> many people don't know
2) What OS's are on my network
3) are they up to date
4) if so, virus, etc. matters rather a lot less.
Alan DeKok.
More information about the Freeradius-Users
mailing list