Quarantining a System using Freeradius
misch at multinet.de
Tue Nov 28 11:24:29 CET 2006
Am Dienstag, 28. November 2006 11:11 schrieb Dev Anand:
> Hi All ,
> Is it possible to quarantine a system by placing it in different vlan
> by OpenRadius ?
> If so can somebody guide me on the steps that can be tried .
> The situation is like this :
> System already having an IP address , but found to be infected with a
> So it needs to be quarantined automatically .
> Thanks in advance,
It is possible to setup the NAS (Switch) to adjust VLANs according to user or
computer. But you have to introduce authentication via EAP or MAC address
based auth to do this.
But there is another problem: How do you tell FR which system to be put into a
quarantaine VLAN? Manually? You would have to install some kind of agent on
all machines which test the machine for integrity and tell FR about the
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75
PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Freeradius-Users