angelo1

Cisco NAC Appliance/ cisco clean access

2 posts in this topic

Are there any vulnerabilities of Cisco Clean access? Also how deep can it look into your files? Would there be any way to limit the personal information it could have access to?

0

Share this post


Link to post
Share on other sites

Are there any vulnerabilities of Cisco Clean access? Also how deep can it look into your files? Would there be any way to limit the personal information it could have access to?

As a long time user of Cisco Security Agent, which is a 'cousin' of CCA,code wise, I would not put great faith in the security of CCA. CSA is not very difficult to subvert, so I doubt that CCA is any better.

Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access

http://www.cisco.com/en/US/products/products_security_advisory09186a00804f3127.shtml

http://en.wikipedia.org/wiki/Cisco_NAC_Appliance

Device Posture Spoofing

At Blackhat 2007, Michael Thumann demonstrated how the security posture and assessment of a device by the Cisco Trust Agent can be spoofed programatically. As Thumann suggested in his presentation NACATTACK, the fundamental problem with Cisco's approach to Access Control is that in essence an untrusted device/user is being asked to validate its own posture.[1] Cisco took the unusual step and officially answered those allegations by pointing out that the NACATTACK presentation only dealt with posture spoofing and left out the authentication step into a network.[2]

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now