[26988] in resnet
Re: Do we still need Network Access Control?
daemon@ATHENA.MIT.EDU (Charlie Teater)
Fri Nov 4 13:48:46 2011
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=90e6ba6e827ac54aec04b0ec3de1
Message-ID: <CAGnT4c5rxxhdy2jnW8RLOBRMibu_F2F+MSf3JkBiaBjZn22DKA@mail.gmail.com>
Date: Fri, 4 Nov 2011 11:43:21 -0600
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Charlie Teater <cteater@BOISESTATE.EDU>
To: RESNET-L@listserv.nd.edu
In-Reply-To: <755A73D3547BAE429728E2EC2AEDC605E39A36FBA3@EXMAIL.csuchico.edu>
--90e6ba6e827ac54aec04b0ec3de1
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
At Boise State we were using Clean Access for all student and most wireless
access until about two years age. Now the residence halls have Safe
Connect and the rest of the campus is open with a guest access and no NAC.
The OIT network team is still nervous but so far so good without malware
being a big problem. We plan on keeping Safe Connect in place for housing
and we are in the process of implementing a packet shaper as well.
Charlie Teater
IT Systems Coordinator
University Housing
Boise State University
On Fri, Nov 4, 2011 at 11:24 AM, Richter, Ryan <rrichter@csuchico.edu>wrote=
:
> Hi folks,****
>
> ** **
>
> In the wake of 2003 with Blaster and other worms spreading through
> unpatched systems like wildfire we made the decision to purchase a Networ=
k
> Access Control product (Cisco=92s Clean Access). In the following years, =
with
> OS patch and antivirus enforcement, malware was definitely less of a
> problem. CCA did its job.****
>
> ** **
>
> But these days, with operating systems automatically downloading and
> installing patches by default, Windows firewall on by default, do you thi=
nk
> a Network Access Control solution is still necessary? The cost and suppor=
t
> of these solutions is not trivial.****
>
> ** **
>
> Malware continues to be a relatively small issue in our residence halls,
> but I=92m no longer sure it=92s because of our NAC policies, or because o=
f
> better operating systems.****
>
> ** **
>
> Has anyone ditched their NAC solution and tested these waters?****
>
> If you don=92t have NAC in your residence halls, what=92s it like? Is mal=
ware
> a big problem?****
>
> ** **
>
> Thanks and happy Friday,****
>
> -Ryan****
>
> ** **
>
> Ryan Richter****
>
> IT Support Services****
>
> California State University, Chico****
> ___________________________________________________ You are subscribed to
> the ResNet-L mailing list.
>
> To subscribe, unsubscribe or search the archives, go to
> http://LISTSERV.ND.EDU/archives/resnet-l.html____________________________=
_______________________
>
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
--90e6ba6e827ac54aec04b0ec3de1
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
At Boise State we were using Clean Access for all student and most wireless=
access until about two years age.=A0 Now the residence halls have Safe Con=
nect and the rest of the campus is open with a guest access and no NAC.=A0 =
The OIT network team is still nervous but so far so good without malware be=
ing a big problem.=A0 We plan on keeping Safe Connect in place for housing =
and we are in the process of implementing a packet shaper as well.<br>
<br clear=3D"all">Charlie Teater<br>IT Systems Coordinator<br>University Ho=
using<br>Boise State University<br>
<br><br><div class=3D"gmail_quote">On Fri, Nov 4, 2011 at 11:24 AM, Richter=
, Ryan <span dir=3D"ltr"><<a href=3D"mailto:rrichter@csuchico.edu">rrich=
ter@csuchico.edu</a>></span> wrote:<br><blockquote class=3D"gmail_quote"=
style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div link=3D"blue" vlink=3D"purple" lang=3D"EN-US"><div><p class=3D"MsoNorm=
al">Hi folks,<u></u><u></u></p><p class=3D"MsoNormal"><u></u>=A0<u></u></p>=
<p class=3D"MsoNormal">In the wake of 2003 with Blaster and other worms spr=
eading through unpatched systems like wildfire we made the decision to purc=
hase a Network Access Control product (Cisco=92s Clean Access). In the foll=
owing years, with OS patch and antivirus enforcement, malware was definitel=
y less of a problem. CCA did its job.<u></u><u></u></p>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p><p class=3D"MsoNormal">But thes=
e days, with operating systems automatically downloading and installing pat=
ches by default, Windows firewall on by default, do you think a Network Acc=
ess Control solution is still necessary? The cost and support of these solu=
tions is not trivial.<u></u><u></u></p>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p><p class=3D"MsoNormal">Malware =
continues to be a relatively small issue in our residence halls, but I=92m =
no longer sure it=92s because of our NAC policies, or because of better ope=
rating systems.<u></u><u></u></p>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p><p class=3D"MsoNormal">Has anyo=
ne ditched their NAC solution and tested these waters?<u></u><u></u></p><p =
class=3D"MsoNormal">If you don=92t have NAC in your residence halls, what=
=92s it like? Is malware a big problem?<u></u><u></u></p>
<p class=3D"MsoNormal"><u></u>=A0<u></u></p><p class=3D"MsoNormal">Thanks a=
nd happy Friday,<u></u><u></u></p><p class=3D"MsoNormal">-Ryan<u></u><u></u=
></p><p class=3D"MsoNormal"><u></u>=A0<u></u></p><p class=3D"MsoNormal"><sp=
an style=3D"color:gray">Ryan Richter<u></u><u></u></span></p>
<p class=3D"MsoNormal"><span style=3D"color:gray">IT Support Services<u></u=
><u></u></span></p><p class=3D"MsoNormal"><span style=3D"color:gray">Califo=
rnia State University, Chico<u></u><u></u></span></p></div></div>__________=
_________________________________________
You are subscribed to the ResNet-L mailing list.
<p>
To subscribe, unsubscribe or search the archives,
go to <a href=3D"http://LISTSERV.ND.EDU/archives/resnet-l.html" target=3D"_=
blank">http://LISTSERV.ND.EDU/archives/resnet-l.html</a>
___________________________________________________
</p></blockquote></div><br>
___________________________________________________
You are subscribed to the ResNet-L mailing list.
<p>
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
--90e6ba6e827ac54aec04b0ec3de1--
