Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

NAC/802.1X with Manufacturing Devices

This thread has been viewed 0 times

  • 1.  NAC/802.1X with Manufacturing Devices

    Posted Aug 31, 2015 03:40 PM

    Is anyone using NAC with Manufacurting Devices / Process Control Devices? If you are in monitor mode, I would like to know that but I would like to know if you have gone to the next level.

     

    THe type of devices I am interested in are PLCs, Drives, Robots and such. Not PC or server based.



  • 2.  RE: NAC/802.1X with Manufacturing Devices

    EMPLOYEE
    Posted Aug 31, 2015 03:42 PM
    We generally configure these for MAC-authentication with profile conflict
    detection and restricted role access. Many don't support 802.1X.


  • 3.  RE: NAC/802.1X with Manufacturing Devices

    Posted Sep 04, 2015 02:53 PM

    Thank you for the comment. We expect that 802.1X will not mean much for our process lines. What I would like to know is how many end users are really doing active control on the process lines vs just monitoring. Also does any of the scanning that goes into the discovery cause any issues with particular devices? Older systems can have trouble with just "agressive" NMAP scans.



  • 4.  RE: NAC/802.1X with Manufacturing Devices

    Posted Sep 13, 2015 11:03 AM

    do you mean if we scan the devices regulary to make sure they are still the devices we expect and someone isn't "stealing" MAC addresses?

     

    personally i wouldnt bother with all that. just make sure they are in a network with only the access they need and use the MAC address once. while you can do some things the NAC part of ClearPass is often just access control once i believe.