Just curious how others here are handling NAC in their environments. What solution are you using? Is it managed regionally or globally, etc?
I know at least one of you will mention a specific <INSERT VENDOR HERE> blurb. ;)
Quote from: Nerm on July 16, 2018, 01:55:09 PM
Just curious how others here are handling NAC in their environments. What solution are you using? Is it managed regionally or globally, etc?
I know at least one of you will mention a specific <INSERT VENDOR HERE> blurb. ;)
it's a mess, we set up and started testing solution from vendor A. Then the govvie head honchoes said we were required to use vendor B, so that set implementation back about two years, since it was back to ground zero.
not gonna say which vendor is which, but one for them is foreskin.
I hate what autocorrect can do to my $VENDOR name...
I'll say that all my customers use ForeScout CounterACT, and some will use it alongside Aruba or Cisco ISE.
Even if they have regional managing appliances, the NAC management itself is global, not regional. Regional management is a key to chaos and unmitigated risks, because "I thought those guys were in charge of securing that asset..."
It is usually very easy to get to visibility in the network. Controlling assets usually starts very slow and then increases in speed over time. The exception is where a firm has a major outbreak of malware/ransomware and they want enforcement ASAP.