I've about reached my limit with the dumpster fire that is Cisco's Identity
Service Engine. Are there any reliable alternatives that do endpoint
classification, central web auth, and .1x auth?
Thanks in advance,
Christopher
Forescout but if you want something simpler with SNMP authentication of
switches and Domain Controller of authorized PCs you can have a look at
Portnox. Done couple of deployments with Portnox.
On Sun, Dec 3, 2017 at 3:39 PM, Christopher J. Wolff
wrote:
> I've about reached my limit with the dum
I'm about to try this one.
https://packetfence.org/
Not sure if it covers all the features you need though, but it seems
promising. In case you give it a try, could you share your experience
please?
Thanks
Jean
On 17-12-03 09:48 AM, segs wrote:
> Forescout but if you want something simpler with
If you plan to use it for a small group of people, you should consider
hosting it yourself. You could set it up with SPF, dkim, dmarc, ipv6.
It could be seen as a personal challenge to achieve.
Then if you need real privacy, you will need to encrypt with public keys
like PGP or S/MIME. You can up
I’ve used PacketFence for several years, but it’s kind of fragile. Compared to
many FOSS systems, it’s exceptionally well documented, and uses reasonably good
Web GUI standards. It also supports Cisco switches well. However, I routinely
have to twiddle with it when one or another internal compon
$dayjob is a university where we use PacketFence to support .1x for a
population of approx. 28K concurrent Wi-Fi devices.
It took us a couple of iterations but we now have a clustered deployment (of
VM’s) model which routinely handles >1200 logins per second, has a fair bit of
headroom left ove
It's kind of a pain to manage a mail server.
Even if you have SPF, DKIM correctly setup and you are not on any common
blacklists,
you constantly have to fight for good deliverability - some mail server
solutions will simply reject you no matter what.
You might be on some obscure blacklist nobod
if you're already slurping the commercial koolaid (support contracts,
someone to blame etc etc) - then Aruba Clearpass?
(otherwise local homebrew with FreeRADIUS core or PacketFence as
FOSSOTS ;-) )
alan
On 12/03/2017 10:08 AM, Filip Hruska wrote:
It's kind of a pain to manage a mail server.
I disagree.
I have been running my own mail server for > 15 years and extremely
happy with it.
I spend less than an hour a month needing to do things to it. Usually
that's just the same type of OS upd
On Sun, Dec 3, 2017 at 10:31 AM, Grant Taylor via NANOG
wrote:
> On 12/03/2017 10:08 AM, Filip Hruska wrote:
>
>> It's kind of a pain to manage a mail server.
>>
>
> I disagree.
>
> I have been running my own mail server for > 15 years and extremely happy
> with it.
>
> I spend less than an hour
On 12/03/2017 12:55 PM, Royce Williams wrote:
Maybe the OP is interested in outsourcing all of that - letting someone
else stay current with patching, spammer tactics, etc.
You make a fair point.
My point is that it is possible to do yourself /if/ you want to do so.
Everyone has to make their
On 12/02/2017 02:39 PM, Ryan Gard wrote:
*Oh, you must be sharing your IP with everyone else in your area*
CGNAT by any chance?
They’ve blocked a few of my end-user /24s and i’ve had zero luck getting them
to unblock them.
Just one more reason to hate them and not use them. They are the devil.
-Mike
> On Dec 3, 2017, at 19:34, Doug Barton wrote:
>
>> On 12/02/2017 02:39 PM, Ryan Gard wrote:
>> *Oh, you must be sharing
On Sun, Dec 03, 2017 at 02:39:27PM +, Christopher J. Wolff wrote:
> I've about reached my limit with the dumpster fire that is Cisco's
> Identity Service Engine. Are there any reliable alternatives that do
> endpoint classification, central web auth, and .1x auth?
What version of ISE are you
On Sun, Dec 03, 2017 at 07:34:29PM -0800, Doug Barton wrote:
> On 12/02/2017 02:39 PM, Ryan Gard wrote:
> > *Oh, you must be sharing your IP with everyone else in your area*
>
> CGNAT by any chance?
... and yet:
$ dig www.ticketmaster.com
; <<>> DiG 9.10.3-P4-Debian <<>> www.ticketmaster.c
On Sun, Dec 03, 2017 at 05:08:33PM +, Filip Hruska wrote:
> I personally run my own mail server, but route outgoing emails via Amazon
> SES.
Not a good idea. Amazon's cloud operations are a constant source of
spam and abuse (e.g., brute-force SSH attacks), they refuse to accept
complaints pe
16 matches
Mail list logo
