PEAP can do this by default for various client platforms - eg Windows - when used with the SoH method. FreeRADIUS supports this (as does NPS) - you can then check antivirus, firewall, anti-malware and patching...and enforce policies (such as drop non compliant systems into a remediation network where they cant do anything other than download patches etc - FR itself doesnt do THAT bit of course, thats down to VLAN policies, firewalling and proxies etc). alan On 17 March 2018 at 19:43, Bogdan Rudas via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Hello all!
I've found couple of discussions regarding implementation of EAP-TNC in FreeRADIUS (in 2008 and 2013) as well as some core here: https://github.com/trustathsh/tnc-fhh
What is a current status of EAP-TNC? Is is integrated into FreeRADIUS? If so, how can I configure it? I guess that built-in TNC was abandoned. Are there any 3rd-party products (probably propriertary) which can extend my FreeRADIUS deployment with security compliance checks? I'd like to enforce specific antivirus software for some platforms, password and screen saver policies mostly for BYOD devices.
Thank you.
-- Bogdan Rudas Director of IT Europe Exadel Inc. http://www.exadel.com/ E-mail: brudas@exadel.com Skype ID: bogdan.rudas
--
CONFIDENTIALITY NOTICE: This email and files attached to it are confidential. If you are not the intended recipient you are hereby notified that using, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error please notify the sender and delete this email. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html