Educause Security Discussion mailing list archives

Re: Registration and Endpoint Security

From: Shawn Kohrman <skohrman () HONEYNET APU EDU>
Date: Wed, 7 Apr 2004 23:39:19 -0700

Michael,
        At this point, we're still in the planning stages.  However, the
latest version of their software has both granular and broad configuration
settings.  You don't have to do a large amount of configuration work to make
their product function.  What has most impressed me is that they're pushing
the idea of a directory enabled network.  That is to say, rather than
control access by network or VLAN, we control access by user account and
LDAP attributes.  It's a bit of a shift for me, but I like the direction
we're moving in.
        The scanning portion of their product can be used as with default
settings which look for virus scanners, patches applied, etc.  You can take
it further if you wish to include looking for certain applications or
services.  The last release we saw involved a lot of manual configuration.
However, the release that recently shipped is much more administrator
friendly.

Shawn


Shawn Kohrman
Lead Network Administrator
Azusa Pacific University
901 E. Alosta Ave.
Azusa, CA  91702
http://www.apu.edu/

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Sewell, Michael K.
Sent: Wednesday, April 07, 2004 4:57 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Registration and Endpoint Security

Shawn,

Regarding Perfigo's product, how happy are you all with this? We're
interested in looking at it further but one concern we have is with the
amount of configuration that appears necessary before the scanning portion
of their product can be used. It's possible that we've just mis-interpreted
the presentation, but it seems as if all that is given is a "shell" of sorts
(referencing the older network management products) in which considerable
configuration has to be done up front. Am I off on this?

Any comments welcome,

Michael Sewell
University of Oklahoma


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU]On Behalf Of Shawn Kohrman
Sent: Wednesday, April 07, 2004 6:20 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Registration and Endpoint Security


We are in the process of rolling out Perfigo (SecureSmart, SmartManager, and
CleanMachines) in conjunction with Cisco ACS and 802.1x.

Shawn


Shawn Kohrman
Lead Network Administrator
Azusa Pacific University
901 E. Alosta Ave.
Azusa, CA  91702
http://www.apu.edu/

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Walsh, Brian R.
(Information Services)
Sent: Wednesday, April 07, 2004 1:37 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Registration and Endpoint Security

We are looking at a group of products that cover the area of network
registration and endpoint security. The specific products are:

        Perfigo, Inc. - SecureSmart, SmartManager and CleanMachines
        ZoneLabs - Integrity and Integrity Desktop
        Cisco - Cisco Security Agent and CiscoWorks Management Center
        Bradford Software - CampusManager

I know that these products are not exactly apples-to-apples but they do all
deal with endpoint management by providing some level of registration,
scanning, blocking and policy enforcement for wired and wireless clients. If
any one has any feed back on any of these I would love to hear it. Thanks!

On a related note, we are also evaluating the NeoTers SSL VPN appliance for
use by adminstrative users who need access to web services that are behind a
firewall. Again, any comments on this product would be appreciated.

Brian Walsh
Connecticut College

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Registration and Endpoint Security Walsh, Brian R. (Information Services) (Apr 07)
- <Possible follow-ups>
- Re: Registration and Endpoint Security Shawn Kohrman (Apr 07)
- Re: Registration and Endpoint Security Sewell, Michael K. (Apr 07)
- Re: Registration and Endpoint Security Shawn Kohrman (Apr 07)