[PacketFence-users] PacketFence and SCCM 2012

[Paul Claricoates]

Hi, I am looking to implement PacketFence at the college I work at, we 
currently use SCCM 2012 with Endpoint protection as our antivirus solution, we 
would like to use an automatic isolation policy to detect infected machines and 
move them into an isolated vlan for quarantine, would anyone have advice on how 
best to achieve this?


Paul.


---
This message is sent in confidence for the addressee only. It may contain 
confidential or sensitive information. The contents are not to be disclosed to 
anyone other than the addressee unless specific authorisation has been given by 
the sender. Unauthorised recipients are requested to preserve this 
confidentiality and to advise us of any errors in transmission. Thank you.

Save paper, only print this email if really necessary and think green. Please 
turn off PC's and lights when not in use.

Don't just standby, Switch Off!

Heart of Worcestershire College EcoCampus Group.
---

--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PacketFence and SCCM 2012

[Antoine Amacher]

Hello Paul,

SCCM is yet to be integrated with PacketFence but it should be in the 
future.


From what we looked at, the only way to make SCCM and PacketFence 
communicate is by using WQL(WMI QL). You could look at a way for 
PacketFence to query SCCM to verify the state of a machine 
(clean/infected) and then take an action on this result (require Perl code).


Else you could look if there is a way for SCCM to notify PacketFence 
when it detect a machine as infected, for instance using a power shell 
script that's triggered on events in the Windows server(look in 
addons/AD for some example[unreg_node_...account.ps1]). You will need to 
find the event ID for when a machine is detected as infected.


Thank you,

On 09/28/2015 06:56 AM, Paul Claricoates wrote:


Hi, I am looking to implement PacketFence at the college I work at, we 
currently use SCCM 2012 with Endpoint protection as our antivirus 
solution, we would like to use an automatic isolation policy to detect 
infected machines and move them into an isolated vlan for quarantine, 
would anyone have advice on how best to achieve this?



Paul.

---
This message is sent in confidence for the addressee only. It may contain 
confidential or sensitive information. The contents are not to be disclosed to 
anyone other than the addressee unless specific authorisation has been given by 
the sender. Unauthorised recipients are requested to preserve this 
confidentiality and to advise us of any errors in transmission. Thank you.

Save paper, only print this email if really necessary and think green. Please 
turn off PC's and lights when not in use.

Don't just standby, Switch Off!

Heart of Worcestershire College EcoCampus Group.
---


--


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Antoine Amacher
aamac...@inverse.ca  ::  +1.514.447.4918 *130  ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users