Re: [Netpass-users] Quarantine Issue?
From: Jeff M. <jcm...@os...> - 2005-08-31 19:08:00
On Wed, 2005-08-31 at 10:42 -0400, Don Rugh wrote:
> Consider the following scenario:
>
> - User transgresses policy and needs to be quarantined
> - Admin q's user
> - DB is updated, but port reset fails b/c user's MAC is not found on
>   the switch. We also believe that computer is plugged into a
>   switch/router, such that computer wake/sleep does not generate
>   linkup/down events to the switch -- link always up, MAC may or may not
>   be present
> - QUESTION: when user's computer wakes up, no event generated, they
>   are on the network since there appears to be no mechanism to verify
>   that all ports are in their correct states
>
> This could also occur if the SNMP UDP packet doesn't make it to the
> switch....are we missing something here?? or have you extended the MAC
> aging time on your switches??

It's possible that macscan can be modified to not simply check that the port only has registered clients - but also that each client's status is P/UNQUAR. If the port contains unregistered or quarantined clients then it would be switched to the quarantine.

Another, less likely, possibility would be to determine if the switch can trap when it detects a new mac. Even if that worked, it would require more effort than modifying macscan.

jeff
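The port-state audit Jeff sketches (a port is only correct if every MAC learned on it is registered and in a P/UNQUAR state), written out as an added example; this is not NetPass's macscan code, and the VLAN numbers, port names, MACs and the QUAR status string are constructed for the sample.

```python
from typing import Dict, List, Set, Tuple

# Assumption: the thread's "P/UNQUAR" denotes the two client states allowed to
# stay on the production VLAN; anything else (e.g. QUAR) or an unregistered MAC
# means the port belongs in quarantine. Status strings here are constructed.
ALLOWED_STATUS = {"P", "UNQUAR"}

def desired_vlan(macs: Set[str], registry: Dict[str, str],
                 prod_vlan: int, quar_vlan: int) -> Tuple[int, List[str]]:
    """Decide a port's VLAN from the clients seen on it; reasons list why."""
    reasons = []
    for mac in sorted(macs):
        status = registry.get(mac)
        if status is None:
            reasons.append(f"{mac} unregistered")
        elif status not in ALLOWED_STATUS:
            reasons.append(f"{mac} status {status}")
    return (quar_vlan if reasons else prod_vlan), reasons

def audit_ports(fdb: Dict[str, Set[str]], port_vlan: Dict[str, int],
                registry: Dict[str, str], prod_vlan: int = 10,
                quar_vlan: int = 99) -> List[Tuple[str, int, int, List[str]]]:
    """Return (port, current_vlan, wanted_vlan, reasons) for each port whose
    VLAN disagrees with the clients the switch currently has learned on it."""
    findings = []
    for port, macs in sorted(fdb.items()):
        if not macs:
            continue  # link up but no MAC learned (asleep/aged out): undecidable now
        wanted, reasons = desired_vlan(macs, registry, prod_vlan, quar_vlan)
        if port_vlan.get(port) != wanted:
            findings.append((port, port_vlan.get(port), wanted, reasons))
    return findings

# Constructed sample: forwarding table, current port VLANs and the client DB.
FDB = {
    "Fa0/1": {"00:11:22:33:44:01"},                       # healthy client
    "Fa0/2": {"00:11:22:33:44:02"},                       # quarantined in DB, port reset failed
    "Fa0/3": {"00:11:22:33:44:03", "00:11:22:33:44:04"},  # second MAC never registered
    "Fa0/4": set(),                                       # link up, host asleep
    "Fa0/5": {"00:11:22:33:44:05"},                       # released, port still in quarantine
}
PORT_VLAN = {"Fa0/1": 10, "Fa0/2": 10, "Fa0/3": 10, "Fa0/4": 10, "Fa0/5": 99}
REGISTRY = {"00:11:22:33:44:01": "UNQUAR", "00:11:22:33:44:02": "QUAR",
            "00:11:22:33:44:03": "P", "00:11:22:33:44:05": "UNQUAR"}

if __name__ == "__main__":
    for port, cur, want, why in audit_ports(FDB, PORT_VLAN, REGISTRY):
        print(f"{port}: vlan {cur} -> {want} ({'; '.join(why) or 'all clients allowed'})")
```

Run on a periodic sweep, this catches the case in the thread where the DB was updated but the port reset never took effect: once the sleeping host's MAC reappears in the forwarding table, the mismatch is reported even though no link event was generated.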