I am beginning a NAC rollout and was wondering if this is possible:

We wish to only allow our workstations on our internal network.  In
looking at the rules available, I can check for registry entries and
files, and the contents of each (and date/time stamps for the files).
If this information were to get out, it would not be of any use.  Once
the information becomes known, these checks are worthless.

What is needed is some way of ensuring that the equipment is ours.  

In the Cam user's guide there is a discussion of a "Launch Programs
Example" which utilizes a valid data signature signed by certificates in
order to have a rule check to see if a service is running that is
signed.  (What is to stop someone from writing a service with the same
name to get around this?).  

I guess my question is: Is there a way to programmatically check to see
if the system is "ours", i.e. use public/private keys to validate the
system is "ours"?

Harris S. Newman, CBCP, CISSP, GCFA
Coordinator, Disaster Recovery
Communications and Technology Management
City of Austin
IM (jabber): [EMAIL PROTECTED]
(512) 974-2456 work,    (512) 762-4417 cell,   (512) 802-6721 pager,
(512) 974-9070 fax

Manager: Teri Pennington, [EMAIL PROTECTED], (512)
974-7761 work,    (512)653-3433 cell
Deputy CIO.: Paul Hopingardner [EMAIL PROTECTED], (512)
974-2408 work,     (512) 422-6807 cell 

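One way to do the public/private key check the post asks about, as an added example that is not from the post or from the NAC product it mentions, written in Go with the standard library's Ed25519: the NAC side stores only each workstation's public key and issues a random single-use nonce, and the workstation proves it holds the matching private key by signing that nonce. Unlike a registry value or file stamp, a captured response is useless once its nonce is consumed. Asset ids such as ws-0001 are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Verifier is the NAC side: an enrolled public key per asset and its outstanding single-use nonce.
type Verifier struct {
	enrolled map[string]ed25519.PublicKey
	pending  map[string][]byte
}
func NewVerifier() *Verifier {
	return &Verifier{enrolled: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Enroll records the public half of a key pair generated on the workstation at imaging time.
func (v *Verifier) Enroll(asset string, pub ed25519.PublicKey) { v.enrolled[asset] = pub }

// Challenge issues a fresh random nonce; an unenrolled asset never gets one.
func (v *Verifier) Challenge(asset string) ([]byte, error) {
	if _, ok := v.enrolled[asset]; !ok {
		return nil, errors.New("asset not enrolled: " + asset)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	v.pending[asset] = nonce
	return nonce, nil
}

// message binds the nonce to the asset id so a response cannot be reused for another asset.
func message(asset string, nonce []byte) []byte { return append([]byte(asset+"\x00"), nonce...) }

// Respond is the device side: sign the challenge with the private key that never leaves the
// workstation (keep it non-exportable, e.g. in a TPM, or it can be copied like a registry value).
func Respond(asset string, nonce []byte, priv ed25519.PrivateKey) []byte {
	return ed25519.Sign(priv, message(asset, nonce))
}

// Verify consumes the nonce before checking, so a captured response cannot be replayed.
func (v *Verifier) Verify(asset string, sig []byte) bool {
	nonce, ok := v.pending[asset]
	if !ok {
		return false // no outstanding challenge, or this nonce was already used
	}
	delete(v.pending, asset)
	return ed25519.Verify(v.enrolled[asset], message(asset, nonce), sig)
}
```

The check is only as strong as the private key's protection: if the key can be exported from the workstation it is no better than a known registry value.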