Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Challenge and response

Status
Not open for further replies.
37grove

37grove

MIS
Jun 29, 2002
65
0
0
US
Hello,

I’m new to McAfee and I was given the following task. What my boss wants to do is setup McAfee 8.5.0i to scan a system during the logon to our network using RAS. If during the scan it does not identify the systems as having any antivirus it will not allow them to proceed and disconnect them.

Can this be done with McAfee VirusSacn Enterprise 8.5.0i and ePolicy 3.6.1?

Thanks,
 
Sort by date Sort by votes
Looks to me like Network Access Control (NAC) Task.

As far as I know, EPO can't do that , and it's not meant for that.

Chris
 
Upvote 0 Downvote
Chris,

Appreciate the information, now I need to find a solution for what he wants.

Gary


 
Upvote 0 Downvote
Strictly speaking: invest in NAC solution :)

if your boss does not agree:), Logon script can help you detect the AV (query te registry + services running to be sure)

For non-compliant PC, they must be using VBS to drop the RAS connection, but i don't have ready solutions
 
Upvote 0 Downvote
McAfee also has another product called Policy Enforcer (additional license, more licensing $$$, but still much cheaper than most NAC solutions) that snaps into ePO 3.5 and above called Policy Enforcer--am currently doing a proof-of-concept of it. When an unmanaged rogue device is discovered on the network based on O/S platform, patch level, A/V and other administrator-configured policies, the product can communicate directly with a variety of network switches (Cisco specifically in my case) to drop the offending switch port or quarantine the device in an isolated VLAN. LOTS of engineering decisions and configuration work to do before you're ready to lock out your first intruder, but every NAC solution is pretty much like that.--The Bug Guy
 
Upvote 0 Downvote
FrogEater,

My boss does want a NAC. He's got me looking at McAfee Network Access Control, part of policy enforcer to see how much it's going to cost us. In the mean time if you have a script to query for AV on a system will you posted it here for me to take a look at?


Bug Guy,

Thanks for the info about the amount of work it's going to take to get any NAC solution in place. I'm going to let my boss know and hopefully we'll get a vendor to do it all instead of me.

 
Upvote 0 Downvote
Yeah, I had considered handing it off to a vendor, but, thinking it through to its logical conclusion, I'll eventually be managing it, so I need to make a lot of the platform policy decisions. Improves my chances of correcting the problem the day that it quarantines a half-dozen production servers and bumps a C-level officer's machine off the network. I wouldn't necessarily be a hero, but I'd probably be less a goat....--The Bug Guy
 
Upvote 0 Downvote
Chris,

Thank you very much for you time and really appreciate your help.

Gary
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
146
Sameer258
Sameer258
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
121
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
93
Nitta84
Nitta84
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
42
ITSUPPORTIT
ITSUPPORTIT
texwiz
  • Locked
  • Question
need some help to properly set up, segregate and secure a network with an ASA 5505
Replies
2
Views
57
texwiz
texwiz

Part and Inventory Search

Sponsor

Back
Top