We didn't do security tests on Clean Access yet.
What I mean by security holes relates to how easy
it is to go around the system for an not so average user.
Those attacks only occur when MAC addresses are used
as the main way of authentication. Not 802.1x.
Philippe
On Mar 6, 2009, at 12:59 PM, Bob Richman wrote:
Philippe,
I'm curious as to the major security holes. Was Cisco Clean Access
(We are currently in a pilot phase) one of your test devices?
Thanks, Bob
Bob Richman
U of Notre Dame
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]
] On Behalf Of Philippe Hanset
Sent: Friday, March 06, 2009 11:26 AM
To: [email protected]
Subject: [WIRELESS-LAN] NAC polling: Wired AND Wireless
All,
UTK is in the midst of a network redesign.
A big part of it involves Network Access Control.
Is anyone out there with a comparable size campus, or bigger,
(26,000 student, 5000 Fac/Staff), implementing a commercial NAC system
for ALL users and all networks (Wired and Wireless).
We are evaluating products. They work somewhat fine during the pilot
(with major security holes ),
but we have this really strong hunch that those products will not size
well!
Any input is welcome,
(except sales pitch ;-)
Thank you,
Philippe Hanset
Univ. of TN
p.s.: Are you doing 802.1x on Wired?
**********
Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at http://www.educause.edu/groups/
.
**********
Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at http://www.educause.edu/groups/
.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
