Security Solutions
2-31
Customer Needs Assessment
Evaluate the Existing Network Environment
However, if printers do not support 802.1X, note the location and the switch
port used to connect the printers to the network. For these printers, you may
be able to use MAC-Auth as the access control method.
Record the same information for fax machines, scanners, and any other
endpoints. You can use Table 2-6 as an example.
Table 2-6. Recording Information about Other Endpoints
RADIUS Servers
Most network access control solutions require a RADIUS server. Does your
network already include such a server? If yes, what type of RADIUS server is
deployed?
How are you using 802.1X: for wired access, wireless access, or both? As you
will learn in Chapter 3: “Designing Access Controls,” the answers to these
questions affect the selection of an Extensible Authentication Protocol (EAP)
method.
Does your network provide redundancy for RADIUS services?
Directory Service
Are you using a directory service? If yes, which one?
If you are using a RADIUS server, is it integrated with the directory service,
or is the IT staff maintaining separate databases for the directory service and
the RADIUS server? Does your directory service support RADIUS attributes?
In other words, can you configure dynamic settings in the directory, or do you
need ProCurve Identity Driven Manager (IDM) to create centralized policies?
Type of
Endpoint
Network
Name
Vendor Location Switch Connection 802.1X
Support?
MAC Address
HP LaserJet
V printer
Mkt_printer HP Building 2,
southwest side
Edge switch 2, port
A21
No 00-11-42-65-64-CC