[27005] in resnet
Re: Do we still need Network Access Control?
daemon@ATHENA.MIT.EDU (SUBSCRIBE RESNET-L Royal Frazier)
Tue Nov 8 16:35:21 2011
Message-ID: <LISTSERV%201111081633012086.0ED5@LISTSERV.ND.EDU>
Date: Tue, 8 Nov 2011 16:33:01 -0500
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: SUBSCRIBE RESNET-L Royal Frazier <royalef@AOL.COM>
To: RESNET-L@listserv.nd.edu
I can say that the University I worked with has never had a NAC. They do
give out laptops with anti-virus. Corporate desktops use McAfee with
Windows firewall disabled. Updates were not applied to corporate desktops
and servers in the most timely manner. Student desktops updated as they
would for any body of random Windows users.
As the college-issued student laptops were given out year over year, general
virus traffic declined. At 50% of the student population with protected laptops
we still had viruses running around the network for months at a time. Once
all students had laptops the viruses were limited to sporadic events.
However, those sporadic events were significant.
Two years running, the corporate desktops were infiltrated by malware/viruses
that spread through the corporate permissions of infected servers and
desktops. These were significant events that involved hundreds of devices
infected in a few days. Some interesting variants showed up in the student
community that would create DHCP servers, poison DNS settings, perform
man-in-the-middle bypasses, even issue the LAN's default router address as a
DHCP address. That last one was a walking outage as the infected person
travelled through campus handing other users addresses that caused gateway
conflicts.
The university deals with virus/malware based problems every year. RIAA
notices are weekly now that the enforcement law went into effect.
Depending upon what your NAC is capable of, it may still provide a level of
enforcement to defense. But I've also seen NACs implemented that do nothing
other than handle an email registration for a guest access. At that point, it
provides no protection--only self-service registration.