Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
362
Views
0
Helpful
1
Replies

Cisco NAC question

sansari
Level 1
Level 1

‎06-17-2009 06:29 AM - edited ‎03-10-2019 04:32 PM

Is it possible to provide limited privilege to a remote user based on results from Cisco remote agent? ie. let's say the remote machine does not have the right anti virus, therefore I only want to give them read access from corporate dmz. No write privilege. Is something like this possible?

Labels:
0 Helpful
1 Reply 1

greg.washburn
Level 1
Level 1

‎06-17-2009 09:39 AM

You could give quarantined role http/https access to you dmz for example but unless the applications require different ports there is no way I know of to say port is ok but what they do on the port is not. If write access is scp or ftp however this would work, as quarantined role is not allowed to go to dmz on ftp or scp ports in this scenario.

In the case of web servers where you want to let everyone access the web but you only want those that pass posture assessment to ftp or scp new files to the servers this would propably fit.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents