Host scan / Posture Module

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Aug 13 23:35:56 CEST 2014


On 13 Aug 2014, at 17:27, Matthew Ceroni <matthewceroni at gmail.com> wrote:

> In an 802.1x environment is there a way to, as part of authorization,
> to do end point checking on the connecting client? To check things
> such as virus software installed, OS updates, etc.
> 
> Or is this something that could be handled by another product.

The EAP-PEAP module can do that, though it'll only work with Microsoft
supplicants. I believe you need to enable support in the supplicant
config as well.

I think EAP-TNC was meant to do something similar, but no one really
supports it, and i'm fairly sure we don't have the code to decode the
posture info.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140813/ac81a947/attachment.pgp>


More information about the Freeradius-Users mailing list