(RADIATOR) interoperablity with TNC or Cisco NAC

Sat Oct 29 16:47:42 CDT 2005

Hello Matt -

Once we have published standards or specifications to work with we  
will consider adding support.

I found very little substance in the documents referenced below - as  
you say - "marketing fluff".

BTW - my personal feeling is that it is _very_ unlikely that the  
network itself is the right place to try to fix end systems (other  
than denying access of course).

regards

Hugh

On 29 Oct 2005, at 12:07, Matthew Alexander wrote:

> Hi Hugh.
> The homepage for the TNC working group is here: https:// 
> www.trustedcomputinggroup.org/groups/network/.  It seems to provide  
> some good details.
>
> I haven't found much detail about Cisco NAC yet other than  
> marketing fluff. Version 2 (which uses EAP over 802.1x) won't be  
> released until next month. Pages 4,5 and 6 of this pdf have some  
> basic diagrams:
> http://www.vmware.com/vmworld/2005/sln107.pdf
> If you have a cisco login you can go to the NAC homepage: http:// 
> www.cisco.com/en/US/customer/netsol/ns617/ 
> networking_solutions_sub_solution_home.html.
>
> I have no idea if this is feasible and was just curious if anyone  
> else had looked into it - before I get deep into something that  
> possibly can't be done.  I will not be able to really dig into this  
> for a couple of weeks.
>
> Thanks,
> Matt
>
> ----- Original Message ----- From: "Hugh Irvine" <hugh at open.com.au>
> To: "Matthew Alexander" <mra4d at virginia.edu>
> Cc: <radiator at open.com.au>
> Sent: Friday, October 28, 2005 7:44 PM
> Subject: Re: (RADIATOR) interoperablity with TNC or Cisco NAC
>
>
>
>>
>> Hello Matt -
>>
>> Can you send us some relevant URL's describing these?
>>
>> thanks
>>
>> Hugh
>>
>>
>> On 29 Oct 2005, at 04:33, Matthew Alexander wrote:
>>
>>
>>> Has anyone been able to get Radiator to handle TNC or Cisco NAC?   
>>> I don't know much about their internals yet, but we really want  
>>> to be  able to authenticate wired and wireless PCs based on their  
>>> patch  level / virus protection, in addition to the dot1x user  
>>> auth we  currently have. Since they both use RADIUS, I'm  
>>> wondering if  Radiator can do this for us.
>>>
>>> Thanks,
>>> Matt
>>>
>>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/ 
>> archives/ radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>
>

NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.