Hi Michael, We have done this except we do not posture assess the devices. Its purpose is for students to be able to add their Xboxes, Wiis, Tivos, etc. We call it Network Self Service (NSS).
NSS also has user/group permissions in order to allow certain users more access. For example: students can only add devices that are "gaming appliances" but desktop/network admins can add other devices such as printers, HVAC equipment, vending machines, toasters, etc. NSS ties in with our LDAP db for authentication. Eric J. Kenny Network Analyst Marist College 3399 North Rd. Poughkeepsie, NY 12601 845.575.3820 From: Michael Simpson <[email protected]> To: [email protected] Date: 05/11/09 01:32 PM Subject: Creating Filters via API I would like to create a site where students can register their mac address from their device once per semester/year to allow them to bypass authentication but still perform posture assessment. It looks like if a filter is put in as 'Access Type = CHECK:' the machine is still postured but not asked for login credentials. I think from a user perspective this would take a lot of the hassle out of NAC. I would imaging the Clean Access API could be used to get this done. Has anyone done something like this? Thanks, Michael Simpson Network Engineer Utah Valley University
