Agreed!
On Mon, Feb 9, 2009 at 17:17, Ben Fielden <[email protected]> wrote: > I second the details button. > > Ben Fielden > ISS Student Technology Services > The George Washington University > > > > Michael Simpson wrote: >> >> My addition to the wish list: >> Have a "Details" button on the agent that shows users exactly what scan >> they failed, KB# and all. This would allow our more technically inclined >> users to solve some of their own issues without coming to the help desk. It >> would also be handy for support staff to see on the machine instead of >> always consulting with the CA manager. >> Michael >> >> >>> "Jeremy Wood" <[email protected]> 2/9/2009 2:28 PM >>> >> I've always wondered what people would like to see out of this product >> so I thought I would throw these ideas out there and see if anyone >> else thought they would be useful or if there were maybe some other >> big improvements people want to see. >> >> 1) Log of packets denied due to role traffic settings >> >> 2) Sending of logging information from HA-IP >> >> 3) Have CAM be able to check posture of clients without moving them to >> UnAuth Role. I hear Bradford does this and I can see how it could make >> the NAC experience much smoother and provide a possibly more secure >> network if you are able to check client more often without >> interrupting their session to do it. It does defeat the seemingly >> 'pure' OOB approach CCA has though. >> >> 4) Have the agent run as a service and/or run before the windows logon >> portion of boot up. So basically the agent could load, verify the >> posture of the computer (although some checks might not work, basic >> ones would) and then pass the logon credentials through to the windows >> GINA and so a SSO that way. This would allow for things like logon >> scripts/offline files/GPO to be applied without anything special going >> on. At the same time though you present the issue of how to update a >> client this way if it is out of compliance? I'd bet that most AV >> updater's wouldn't work if they are called like this. >> >> Anyway, just my list. Thoughts or Additions? >> >> --Jeremy >
