CLEANACCESS Archives

February 2011

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Any news on an update?
From:
Kyle Torkelson <[log in to unmask]>
Reply To:
Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:
Tue, 1 Feb 2011 22:15:39 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (66 lines) 
4.8.1 was out as of 1/31/11 on Cisco's download site...

Just found it...



-----Original Message-----
From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of Kyle Torkelson
Sent: Tuesday, February 01, 2011 4:03 PM
To: [log in to unmask]
Subject: Re: Any news on an update?

Looks like it requires 4.8.0.1 for version...

Wonder when it will be out?

We heard 4.9 was scheduled for May release...but we're looking at Impulse, Bradford, Enterasys, Avenda among others...

After seeing Cisco's plan for NAC and ACS, we're wondering if we stay Cisco and start to deploy 802.1X wired and wireless...

Anyone else using 802.1X with Cisco ACS and Cisco infrastructure?  We bought an 1121 appliance as part of our infrastructure upgrade of 2960'sS and 4500R+E core.  What we're told is that the new ISE (Identity Services Engine) will run on the 1121 and that ISE will also run on the 33x5 appliances.  Cisco might be our cheapest option (who would ever think that?) since we can use a trade-up program to move away from our 3140 CAS/CAM to 3355 CAS/CAM and then upgrade those to ISE this summer.  What I'm told is that we could then have 3 ISE boxes...one for Identity (ACS), one for In-band, and one for Out-of-band if we'd like.  Or, 2 for Identity and 1 for Out-of-band...basically whatever we want but I'm curious to see what the licensing will be/cost since what I saw was that ISE would have a base license for ACS and Guest and Advanced license would include NAC CAS/CAM, profiler, etc...

Our 3140's go EOL in 2011 so we will be deploying something this summer before students move back in August.  Probably decision 60% Cisco and 40% Impulse right now...Not sure I'm sold on writing ACL's and reading Netflow data constantly.  Plus, I heard that Impulse is really about the only NAC vendor not embracing 802.1X.  Apparently, Juniper, Symantec, Avenda, Bradford among many more that are moving towards or already using 802.1X...

Kyle Torkelson
Senior Network Administrator



-----Original Message-----
From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of Calvin Krzywiec
Sent: Tuesday, February 01, 2011 3:41 PM
To: [log in to unmask]
Subject: Re: Any news on an update?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Looks like a bunch of new checks came through today via the auto-update mechanism at 16:00 EST, including MSE:

pc_as_inst_MicrosoftAS_MicrosoftSecurityEssentialsAntispyware_2_x added to the Software Checklist av_defn_MicrosoftAV_MicrosoftSecurityEssentials_2_x added to the Software Checklist

We are running 4.8.0 and will be testing these checks tomorrow.

- --
Cal A. Krzywiec, CCNA, CCDA
Network Engineer
The University of Scranton
Phone: (570) 941-6748
Email: [log in to unmask]


On 2/1/2011 9:54 AM, John Rocchio wrote:
> Any news on the long overdue NAC update that will support 2011 AV 
> products as well as Microsoft Security Essentials 2.0?  We are really starting to get a lot of complaints.
> 
> John Rocchio
> UC Santa Cruz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)

iEYEARECAAYFAk1Ifd0ACgkQF/8PDUxaTEolAQCfZ6k54Q77f85T2gM5V3H2FAJz
deAAn0EhkoGF13PpF75PBtEVLOXf77l6
=x3mA
-----END PGP SIGNATURE-----

ATOM RSS1 RSS2