Subject: | |
From: | |
Reply To: | |
Date: | Fri, 24 Sep 2010 12:54:04 -0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi, answers inline.
- --
Cal A. Krzywiec, CCNA, CCDA
Network Engineer
The University of Scranton
Phone: (570) 941-6748
Email: [log in to unmask]
On 9/24/2010 10:32 AM, King, Ronald A. wrote:
> Does anyone have any scripts to automate testing NAC connectivity and
> functionality? We are looking for ways to get notifications when the NAC
> appliances fail, such as:
>
> . CAM/CAS loss in communication
>
> . Switch/CAM loss in communication
>
> . RADIUS communication failure
>
> . General authentication failure through the java plugin
>
> . General authentication failure through the agent
>
> . Errors internally to the CAS/CAM such as service down
>
> . Threshold based login failures such as x number of unable to login
> within x minutes
>
> . Any others that I cannot think of
>
We export the event logs as syslog to Splunk and build saved searches there with email notifications.
> These are a result of failures this week. One where DNS did not resolve the
> CAM correctly for to the RADIUS server, effectively preventing anyone from
> logging in including the ability to manage the CAM, and, one where we lost
> all communication to the switches, causing users to receive a message they
> were logged into too many locations at once. We have no idea how either
> happened and TAC could not give a reason for the loss in global switch
> communication. Maybe the two are related.
>
>
We saw something similar where the CAM stopped responding to snmp traps. BugID: CSCsr95757.
>
> We also would like to give prospective and new students the ability to check
> their computer's functionality with NAC prior to coming on campus. I
> imagine the Java plugin could be presented from the outside and redirect
> them to a "Congratulations" screen, but, what could we do from the posture
> assessment side? Any ideas on this would be welcome.
>
>
>
> Any ideas on any of the above would be very helpful!!! Thanks in advance.
>
>
>
> Ronald King
>
> Security Engineer
>
> Norfolk State University
>
> Marie V. McDemmond Center for Applied Research
>
> Suite 401
>
> 700 Park Ave.
>
> Norfolk, Virginia 23504
>
> Phone: 757-823-3918
>
> Fax: 757-823-2128
>
> Email: <mailto:[log in to unmask]> [log in to unmask]
>
> <http://security.nsu.edu> http://security.nsu.edu
>
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkyc16wACgkQF/8PDUxaTEq7mgCcDdylBEVlW/RgIwn+CZKDjtsZ
52cAni9dgps7nGUa3iCu2fuWHetY3mAV
=gMiS
-----END PGP SIGNATURE-----
|
|
|