This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Feature Request: NAC Rule Grouping, Rule Description

Feature Request: NAC Rule Grouping, Rule Description

Michael_Kirchne
Contributor

‎03-11-2015 01:24 PM

Hi folks,

The NAC rules are getting confusing. It would be great there would be a possibility to group some rules e.g. Wireless Authentication.

Another great thing would be a column for description.

A very good example for great rule ordering is Check Point (See Demo picture below).

407e27f6a22b4617a13562dc722f80bc_RackMultipart20150311-9686-xh2k6k-2015-03-11_15_16_41-Demo_Mode_-_Check_Point_SmartDashboard_R76_-_Standard_inline.png



What do you think about this?

Best Regards
Michael

0 Kudos
6 REPLIES 6

M_Nees
Contributor III

‎11-15-2016 08:15 PM

Some need for my customers!!

NAC needs Rule Grouping, Rule Description - Checkpoint GUI is a great template!
0 Kudos

Rainer_Adam
New Contributor III

‎04-03-2015 04:57 AM

I worked since now more than 16 years with Cabletron/Enterasys devices, but overall, they NEVER created such a stable thing as there NAC system. If there is something wrong, it is your fault. If NAC is configured properly, it works all the time, all the years....

0 Kudos

Michael_Kirchne
Contributor
In response to Rainer_Adam

‎04-03-2015 04:57 AM

Hi Rainer,

I totally agree with you that NAC is a very powerfull and robust product. But to be honest even NAC has bugs sometimes  - lucky you if you did not run into one so far.

But never the less - why should Extreme stop improving their already great product? This is just a feature request.

Regards
Michael
0 Kudos

Rainer_Adam
New Contributor III

‎04-03-2015 04:52 AM

It depends on that what the customer wants to do. My customers NAC has more than 750 rule matrix lines, wireless is one of these. You could authenticate on the "Switchport" where the users enters the LAN, in case of Wireless this is the WLAN Controller.

With NAC you have so many possibilties, specially also for NAC where you can easilly create a location binding (some users are only allowed on specified Accesspoints to a pre-defined time) and much much more.

Combine all the information you get from Netsight and NAC to make it secure. If you know that a printer will never comes up as a windows maschine, deny it. We have also for some special SSID's a "whitelist" where we define what End-System-Group is able to access this SSID (reverse blacklist)....

0 Kudos
GTM-P2G8KFN