Folks,
For those of you on L3 OOB with Cisco NAC, be aware that Bradford
might not have all the features you currently enjoy. Specifically, as
of a couple of years ago, Bradford did not support the SNMP
assignment of VLANs by a single name for each role (instead of a VLAN
ID) - a BIG problem for us. In addition watch out for double
authentication hits during VPN AAA - I'm not sure if Bradford can do
the bounce pass with the radius auth. Yes, I know it's 2008 and NAC
should be built into any VPN appliance anyway - but it might not be
able to centralize with other policy and sign on. Watch out for
double auth hits on dot1x for wireless as well.
I realize my web talk for Cisco might dilute my credibility on the
'which vendor' subject, but I do feel we put in due diligence on the
Bradford/Cisco choice. If anyone has questions about this, please
contact me off-list.
- Ryan
---------------------
Ryan Moore
Manager of Networking | Rice University | Office: 713-348-5462
On Jul 11, 2008, at 6:00 PM, Sidney Eaton wrote:
I agree. We are going to look at moving away from Clean Access
because of no third party OOB support. But until now we couldn't
justify the cost (and the fact that the software could easily be
loaded on new hardware in case of failure), now with forcing us to
buy appliances the third party vendors price tag just became
$20,000-$30,000 cheaper. An extra $20,000 and we will be able to
facilitate a years worth of maint, more licenses than we had with
CCA, OOB, and integration with our packetshaper as well as our
firewall and IPS. Not to mention we can't get Cisco to add SMP
support for servers and non-super cam. I have a quad processor cam
and dual processor servers with cpus idle meanwhile other cpus are
sometimes hitting max load under file transfers and they are 3+Ghz
CPUs. I am beginning to confuse the Cisco name with Apple. Both
have good ideas.......But execution is poor. Bradford here I come,
good bye Cisco.
Sincerely,
Sidney Eaton, CCNA, Network+, NCSS, NCDE, CCSE
Network Technician
Ferris State University
205 West Building
Big Rapids, Mi 49307
(231) 591-5388
For Support Call (231) 591-4822 or www.ferris.edu/tac
"Stanclift, Michael" <[EMAIL PROTECTED]>
Sent by: Cisco Clean Access Users and Administrators
<[email protected]>
07/07/2008 04:21 PM
Please respond to
Cisco Clean Access Users and Administrators
<[email protected]>
To
[email protected]
cc
Subject
Re: Need to upgrade Server hardware....
