NAC Solutions

Started by Nerm, July 16, 2018, 01:55:09 PM

Previous topic - Next topic

Nerm

Just curious how others here are handling NAC in their environments. What solution are you using? Is it managed regionally or globally, etc?

I know at least one of you will mention a specific <INSERT VENDOR HERE> blurb. ;)

icecream-guy

Quote from: Nerm on July 16, 2018, 01:55:09 PM
Just curious how others here are handling NAC in their environments. What solution are you using? Is it managed regionally or globally, etc?

I know at least one of you will mention a specific <INSERT VENDOR HERE> blurb. ;)

it's a mess,  we set up and started testing solution from vendor A.  Then the govvie head honchoes said we were required to use vendor B, so that set implementation back about two years, since it was back to ground zero.

not gonna say which vendor is which, but one for them is foreskin.
:professorcat:

My Moral Fibers have been cut.

deanwebb

I hate what autocorrect can do to my $VENDOR name...

I'll say that all my customers use ForeScout CounterACT, and some will use it alongside Aruba or Cisco ISE.

Even if they have regional managing appliances, the NAC management itself is global, not regional. Regional management is a key to chaos and unmitigated risks, because "I thought those guys were in charge of securing that asset..."

It is usually very easy to get to visibility in the network. Controlling assets usually starts very slow and then increases in speed over time. The exception is where a firm has a major outbreak of malware/ransomware and they want enforcement ASAP.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.