1

I am looking for a NAP solution for a network. Either an Appliance or software to run on a windows server. I have played with windows server 2008 r2 NAP but i dont think this is going to be a good solution. I want to basically force users that connect to the wired and wireless network to go through a self check process that will check for AV, firewall, windows updates etc.

Also something that transfer users to a remediation network to be able to conform to the Access Policy.

any suggestions from anyone that has a solution in place?

thanks

JohnyV
  • 938
  • 4
  • 26
  • 45
  • Are you aiming to do this integrity checking on your own computers, or those of visitors/contractors? Do you already have a second network (with or without internet access) that has the necessary servers to be able to perform the remediation? In other words, install or update various AV products, install or configure firewalls, install Windows or other OS updates, etc - depending what your remediation needs are. Do you have any budget for this? There are some commercial solutions but you might need at least $10k. – William Jun 30 '10 at 09:26
  • We dont have any remediation servers, we have an av solution i was hoping that we could do it on all devices in our network so that if rougue devices are trying to connect to the network. We are an education establishment so the budget is something that cant be overly expensive but if the product does what we require it is worth it. we currently have a wsus server and this also provides updates for AV (forefront) but it would have to be able to supply updates for non domain devices (which i dont think wsus is capable) – JohnyV Jun 30 '10 at 09:55

1 Answers1

0

Have you considered using Cisco NAC Appliance? You can do posture-validation/end-device-health assessment/remediation on a wired/wireless/VPN environment without requiring a 802.1x deployment as a pre-requisite.

Depending on your topology, brand of switches and brand and "style" of wireless infrastructure (autonomous APs versus centralized) you may need one or more appliances.

Cisco NAC Appliance

jliendo
  • 1,568
  • 11
  • 13