University Problem

Hello all,

Our university has a wireless network; many students and visitors can access the
internet and shared resources using the wireless connection inside the campus. But the
problem is the virus infections coming from the visiting computers. We need to protect
our network from these infections. The server must scan any computer that tries to connect to our
network to ensure that it is virus free, and only then permit it to use the available network
resources. Any solution for this situation?

Note:

  • We don’t speak about ADNM, because by using it there is a license for a specific number of
    Net Clients & Net Servers. In our case we don’t know about the visitors (their number &
    their infection status), so there is no managed version of avast! Antivirus installed
    on the visitors’ PCs.
  • If the solution is to use Cisco NAC, we want to remind you that you need to install some services and programs on the client computers.
  • Provide us with the detailed technical procedures for configuring avast! AV with Cisco NAC if it is the optimal solution for this problem.

Thanks . . .

Well, since you don’t want to speak about ADNM and licenses… I don’t think there is any way around some form of licenses.

but here is another approach:
Keep in mind that you have to protect your network no matter what; even if the head of the university has an infected computer, it needs to be blocked…

If you run, or are able to run, a Windows Server 2008 R2 domain, you can use the Network Access Protection (NAP) feature.
This feature demands that computers connecting to the network report to the NAP server with the status of their AV and firewall software.
Depending on how strict you want to be, it can be configured so that computers that do not fulfill the rules you set are put in quarantine and don’t get access to the network… protect your network at all costs… if someone wants to use your resources they need to comply with your rules for the network, which means a good antivirus and a clean bill of health from that antivirus solution…

Or use ADFS: http://www.microsoft.com/windowsserver2003/r2/identity_management/adfswhitepaper.mspx

Hi Hugan,

In terms of security requirements, besides protecting your clients’ desktops, you also need to protect your gateway from unauthorized users.
My advice is that if you still don’t have gateway security like a Unified Threat Management firewall (AV gateway, IPS, URL filtering, web content filtering, VPN gateway, firewall), you need to get one to protect your networks.
With those appliances you can require unauthorized users who want to join your network to identify their user profile first, or at least, if you open it to all guests, you can protect your network from DNS attacks, flooding, exploitation and other attacks.

Regards,
Yanto Chiang

Hi Yanto Chiang,

Thank you. Do you mean that you can protect your network by using a security appliance or software? Please provide me with the technical procedures to achieve this.

Thanks again . . .

Appliance usually. Something like a SonicWall (or many others): http://www.sonicwall.com

@scythe944: SonicWall is a firewall, not a good gateway for this solution.

@Hugan: yes, it should be an appliance; the devices are usually called Security Network Access.

SNA usually checks whether the connected PC has antivirus installed, whether it has the latest antivirus update, whether it is a permitted PC, and any other tests you require for connecting to your networks.

recommended using Nortel Secure Network Access
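The NAP flow described earlier in the thread (clients report AV and firewall status, non-compliant clients are quarantined) and the SNA checks listed in this post, as an added illustration of the policy-server decision logic in Python; this is example code, not part of the thread or of any NAP or SNA product, and the record fields, the 3-day signature-age limit and the sample reports are assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional, Tuple

# Constructed statement-of-health (SoH) record, modelled on what a health
# agent reports to the policy server; the field names are this example's own.
@dataclass
class StatementOfHealth:
    host: str
    av_installed: bool
    av_signature_date: Optional[date]  # None when the AV reports no signatures
    firewall_enabled: bool

# Health requirements the network owner sets (assumed values, not product defaults).
@dataclass
class HealthPolicy:
    max_signature_age_days: int = 3
    require_firewall: bool = True

def evaluate(soh: Optional[StatementOfHealth], policy: HealthPolicy,
             today: date) -> Tuple[str, List[str]]:
    """Return ("full_access" | "quarantine", reasons for the decision).

    A client that sends no SoH at all (e.g. an OS without a health agent, as
    the thread notes for Linux clients) is quarantined, never admitted by default.
    """
    if soh is None:
        return "quarantine", ["no statement of health received"]
    reasons: List[str] = []
    if not soh.av_installed:
        reasons.append("no antivirus installed")
    elif soh.av_signature_date is None:
        reasons.append("antivirus reports no signature date")
    elif today - soh.av_signature_date > timedelta(days=policy.max_signature_age_days):
        reasons.append(f"antivirus signatures older than {policy.max_signature_age_days} days")
    if policy.require_firewall and not soh.firewall_enabled:
        reasons.append("host firewall disabled")
    return ("full_access" if not reasons else "quarantine"), reasons

# Constructed sample reports for three visiting laptops plus one silent client.
TODAY = date(2010, 3, 15)
SAMPLE_REPORTS = [
    StatementOfHealth("visitor-1", True, date(2010, 3, 14), True),  # compliant
    StatementOfHealth("visitor-2", True, date(2010, 2, 1), True),   # stale signatures
    StatementOfHealth("visitor-3", False, None, False),              # nothing installed
    None,                                                             # no agent at all
]

def admission_table(reports, policy=HealthPolicy(), today=TODAY):
    """Map each host ('unknown' when no SoH arrived) to its access decision."""
    return {(r.host if r else "unknown"): evaluate(r, policy, today) for r in reports}

if __name__ == "__main__":
    for host, (decision, why) in admission_table(SAMPLE_REPORTS).items():
        print(f"{host:10} {decision:12} {'; '.join(why)}")
```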

For the Nortel option you could read about it here: http://www2.nortel.com/go/solution_content.jsp?prod_id=55121 (I didn’t read it though).
It could be integrated with the solution I gave you with the 2008 domain. The downside of the NAP solution is that it requires Windows clients; if there are Linux clients then, as far as I know at this moment, it will block them since they don’t have the reporting module which is built in as standard in XP (SP2 and up, I believe) and Vista/Win7.

Edit: the text says in some part that it can do it agentless, but when you read on you read something about a health agent that reads out the health of the computers… so maybe you can get advice from the local Nortel dealer, who can tell you a lot more about this (unless SPI is a Nortel expert and can explain the whole thing).

Hi Hugan,

Some brands have their weaknesses and strengths.

But I have handled some products like WatchGuard (watchguard.com) - very simple, quite powerful, and affordable.
Fortinet (fortinet.com) - not simple to manage or to create a rule, and the price is higher than WatchGuard because Fortinet uses ASIC chips.
McAfee (mcafee.com) - I think they sold UTM as well at one time, but they do not focus on UTM solutions.

SonicWall is not powerful, because they only use streamline scanning, which in antivirus products is the same as Norton using quick scan. :P

I still prefer using WatchGuard; I think there is a representative vendor in your country where you can get more solutions from them.

Sorry, in this case I didn’t say which brand is better, but I just would like to share what I know based on my experience.

Regards,
Yanto Chiang