Hi all!
When talking about NAC, we all think out Cisco ISE, Aruba ClearPass, ... The problem is, they are all expensive and sometimes they are hard to implement.
I have only been around the industry for a few months, so maybe i don't know what technologies they are using to control their network.
I will do my Graduate thesis next month, my project is about "User Profile checking using picture recognition". I am thinking that i will integrate my project with networking. Maybe it will add another layer of security in the application level.
Let's talk about Cisco ISE, a few months earlier, i assisted my team to implement Cisco ISE for a customer. I noticed that Cisco ISE has some features like:
- Auto Profiling
- Auto change policy that applied to a supplicant when it compliant.
- Check Windows version and Softwares installed on the supplicant
...
Maybe thre are so much more features that i don't know about ISE, but most of the function of ISE, i think i can replace it with python.
For example:
- Auto Profiling => Check Mac Address of the endpoints and classify it.
- Check Windows version and Softwares installed on the supplicant => Checking Services or Registry.
- Change Policy applied to a supplicant when face recognition success => Server will exec a python script to auto change Access-List on the Network Device interface.
Do you guys have any suggestion?
Any input is appreciated!
No comments:
Post a Comment