NAC on Heterogeneous Wireless Network: Campus Network
Last month, we have accomplished proof of concept (PoC) testing for five different Network Access Control (NAC) products to demonstrate its feasibility deployment on our heterogeneous wireless network. The objective of this PoC is to determine the solution to some technical problem, such as how two systems might be integrated or that a certain throughput can be achieved with a given configuration. The NAC features that we are currently evaluate must able to protect our network from any possible technique of attacks.
Tested products: Consentry, Infoexpress, Aruba ECS, Bradford, Juniper
schematic wireless network diagram
The most critical feature which can be considered compulsory to the tested NAC that it must be able to detect the network bridging activities running by the users: bridging via UTP cable, Bluetooth, GPRS, Edge, 3G, HSDPA and other possible method of bridging such as via firewire, USB, PCMCIA etc. It must also able to quarantine or disconnect or isolate the users from the wireless network once they activate the bridging processes. In fact, most of the bridging activities is able to create a back door to our secure network. That’s why this feature is really really important to us.
Since we are having heterogeneous network, this NAC must able to support multiple protocol such 802.1x and non 802.1x including all OS platform: e.g Windows, MAC OS and Linux Clients.
We will announce later which product is the most suitable to be deployed to protect our campus wide wireless network.
Filed under: blog | Tagged: Aruba, blog, Bradford, Consentry, InfoExpress, Juniper, NAC
a good topic for a research paper heheheh
I’m wondering how you chose the list of vendors for the test. Can you shed some light on this in one of the next blogs?
Thanks.
mak aihh.. israel mariii..!!