Guys, has anybody worked with the Juniper or other competitor's NAC solutions? I'm working for a client and encouraging them to buy Cisco but they are looking for competitive information against other vendors to justify going Cisco. I know cisco's solution is most flexible but juniper states they use open protocols like 802.1x and can do posture assessment even before assigning an ip address to the client
802.1x requires that your switches support it, this could get expense. Even if your switches support it, it requires you to be at a recent code version to get the features you will need, like AAA fallback and dot1x guest support. The free OS supplicants have many issues when you start to move VLANs around, so your XP boxes will need up to date service packs and several hotfixes installed. Even then most companies choose to go with a paid supplicant because of its stability and feature set. This increases the cost and support of dot1x. These are some of the issues with rolling out dot1x.
What about the Cisco NAC hack that was presented at the Black Hat expo where they showed that they were able to workaround the agent on the desktop? Has Cisco addressed this issue? Does anyone know if Juniper may have the same problem?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...