01-29-2010 03:27 AM - edited 03-10-2019 04:54 PM
hi,
i must configure advanced filter in NAP setup on acs 4.2 and need grant access only user, in domain, that match the pofile.
must avoid access to external users that steel credential as "rogue users".
which is the value i must select for avoid tihs condition?
some ideas?
thx for all
best regards
01-29-2010 03:42 AM
If a rogue user has access to a valid username/password its a challenge to detect this. You could use
Neither 2 or 3 would handle a stolen laptop. No easy answers here Im afraid. The question is really "how would you determine if someone on the network was legit" - if you cant tell, ACS will not be able to either.
FWIW the advanced filtering on the NAP page is more intended as a method by which the desired network service can be determined, and therefore handled by the appropriate policy (WLAN, VPN, etc).
01-29-2010 03:51 AM
i try to use eap-tls for certificate-authentication-machine, but i have a problem with CA(certification authority);
i must to trust the machine(computer) and no the user, becouse i need use the single computer for multi-client logging.
use certificate is only method for avoid steel credential i think
are you a case-study for example?
thx a lot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide