Hello All,
I am in the process of validating PacketFence and few other product like MS
NPS,OpenNac
Whats i am interested at most is three scenarios that can do isolation to
designated VLAN but i am not yet ready to turn all our users switch port
to dot1x authentication right away , since i have mass of equipment and
each switch have some users on each 4 users Vlan we got as Unttaged , at
the first step as follows below , mostly interested with virus detection
and isolation for existing static ports configured as untagged.
First scenario : We have Symantec endpoint protection AV and we would like
to have isolation in case of
- client infection
- AV not installed
Second scenario: Our organization firewalls(Pfsesnce) have ids Snort based
capable of sending syslog alert ,unified, SQL log alert, we would like to
have ability to inform some how Packetfence server with violating IP and
have it VLAN isolated , again first step most users still have static port
Untagged .
Third Scenario: unknown device attached to socket wall conf room or
somewhere else, for those ports only we would like to use dot1x
authentication will be isolated .
Another point is that Most of network equipment are based on HP Procurve
2910al ,2920 ,1900
My question to you PacketFence experts is possible with given above
scenarios?
Please advice
Thanks
--
Tal Bar-or
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
