Lead

---

Bob Ono, IT Security Coordinator: raono@ucdavis.edu; (530) 754-6484

Status

---

• The RFP for the NAC system has been cancelled. No vendor was selected.
• The project team is reviewing and revising the RFP.
• The revised RFP is expected to be issued in winter 2008.

Goals

---

Implement a system that interrogates end-points to ensure that they meet minimum-security requirements before access is granted to the campus network. End-points may be interrogated to ensure they have:

• Implement a system that interrogates end-points to ensure that they meet minimum-security requirements before access is granted.  Before being allowed to connect to the campus network, end-points might be interrogated to ensure they have:
• Up-to-date software patches
• Current anti-virus software
• Automatic update function enabled
• Absence of specific malicious programs, and
• An installed personal firewall.

Target Audience

---

• Ultimately all users who access the campus residential computing network, wireless network, virtual private network users and public NAMs.
• NAC solutions will not work with fan-out devices.
• NAC solutions are available for the 802.1x environment.

Implementation Approach

---

End-point security is expected to be deployed in phases, as follows:

First phase: Winter 2007

• ResNet, in partnership with Student Housing. Could start with server logging of audit failures, moving to failure messages to end users and finally connectivity denial due to audit failures.

Future phases: Spring 2008

• Wireless
• Public NAMS, and
• VPN users.

Implementation Approach

---

The project team includes the IET Information Security Coordinator, Data Center & Client Services and the Network Operations Center, as well as members of Student Housing and TIF:

• Bob Ono
• Mark Redican
• Kevin Mayeshiro
• Jatinder Singh
• Doreen Meyer
• Dan Rackerby
• Blaise Camp
• Julie McCall
• Joyce Johnstone
• Tracy Bennett
• Minh Nguyen
• Greg Loge