EAP-TNC support or any other method to enforce some security policies on client?

Alan DeKok aland at deployingradius.com
Mon Mar 19 11:31:08 CET 2018

On Mar 17, 2018, at 7:43 PM, Bogdan Rudas via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I've found couple of discussions regarding implementation of EAP-TNC in
> FreeRADIUS (in 2008 and 2013) as well as some core here:
> https://github.com/trustathsh/tnc-fhh
> What is a current status of EAP-TNC? Is is integrated into FreeRADIUS?

  It's in v3.  It can be configured... somehow.  TBH, I haven't looked at it in years.

> If
> so, how can I configure it?
> I guess that built-in TNC was abandoned.

  TNC as a whole has largely been abandoned.

> Are there any 3rd-party products (probably propriertary) which can extend
> my FreeRADIUS deployment with security compliance checks?

  TNC / NAC has largely been abandoned.

> I'd like to enforce specific antivirus software for some platforms,
> password and screen saver policies mostly for BYOD devices.

  Does the OS support that enforcement?

a) yes, use OS-specific tools to enforce it

b) no, it's impossible, even if TNC worked.

  Alan DeKok.

More information about the Freeradius-Users mailing list