NAC Alarm if RADIUS certificate is about to expire
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-10-2013 08:14 AM
Hi,
I just had a major issue beacuse the RADIUS certificate of the NAC/IAM appliance did expire. This caused a big problem because of IEEE 802.1X Authentication was used. The problem was quickly resolved but it could have been avoided if an alarm would have been present.
Best scenario for future releases: If the RADIUS (or any NAC certificate) is about to expire (e.g. in 1 or 2 months) a warning is presented. And in the last days an alarm is caused.
I hope this idea will be realized to avoid major .1X problems 🙂
Best Regards
Michael
I just had a major issue beacuse the RADIUS certificate of the NAC/IAM appliance did expire. This caused a big problem because of IEEE 802.1X Authentication was used. The problem was quickly resolved but it could have been avoided if an alarm would have been present.
Best scenario for future releases: If the RADIUS (or any NAC certificate) is about to expire (e.g. in 1 or 2 months) a warning is presented. And in the last days an alarm is caused.
I hope this idea will be realized to avoid major .1X problems 🙂
Best Regards
Michael
18 REPLIES 18
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-09-2014 07:12 AM
This should be a matter of course. When the RADIUS server certificate expires, all .1X authentication fails. Imagine the severity of that trap.
Right now my customers are solving this issue by saving the date in Outlook (or similar) and are not happy about the workaround. It lacks reliability.
Right now my customers are solving this issue by saving the date in Outlook (or similar) and are not happy about the workaround. It lacks reliability.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-09-2014 06:55 AM
The need is obvious. Due to the fact, that the certificates have to be renewed manualy it must be possible to set a reminder for the admins. This could be also a good thing for Alarm Manager. As soon as there is a useable trigger, one could use alarm manager to send email to admin (or other actions of course). Otherwise the whole network could be jammed.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-06-2014 08:24 PM
This is something that we are considering but not yet committed. Feedback from others will be very helpful, if they see the need.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-16-2013 03:12 PM
Hi Michael. I am meeting with my product marketing group this morning and I will see if I can get any thoughts on this. Thanks for the suggestion.
