Security

Reply
New Contributor
Posts: 2
Registered: ‎08-31-2015

NAC/802.1X with Manufacturing Devices

Is anyone using NAC with Manufacurting Devices / Process Control Devices? If you are in monitor mode, I would like to know that but I would like to know if you have gone to the next level.

 

THe type of devices I am interested in are PLCs, Drives, Robots and such. Not PC or server based.

Guru Elite
Posts: 8,456
Registered: ‎09-08-2010

Re: NAC/802.1X with Manufacturing Devices

We generally configure these for MAC-authentication with profile conflict
detection and restricted role access. Many don't support 802.1X.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 2
Registered: ‎08-31-2015

Re: NAC/802.1X with Manufacturing Devices

Thank you for the comment. We expect that 802.1X will not mean much for our process lines. What I would like to know is how many end users are really doing active control on the process lines vs just monitoring. Also does any of the scanning that goes into the discovery cause any issues with particular devices? Older systems can have trouble with just "agressive" NMAP scans.

MVP
Posts: 1,413
Registered: ‎11-30-2011

Re: NAC/802.1X with Manufacturing Devices

do you mean if we scan the devices regulary to make sure they are still the devices we expect and someone isn't "stealing" MAC addresses?

 

personally i wouldnt bother with all that. just make sure they are in a network with only the access they need and use the MAC address once. while you can do some things the NAC part of ClearPass is often just access control once i believe.

Search Airheads
Showing results for 
Search instead for 
Did you mean: