We reently installed a SSG-320 while displaceing a Fortigate 200 at a Client and the potentials a good for a SRX 240 to dismiss another Fortigate... The customer is interested on the UAC context, but has budgetary constrats in replaceing the existing 3Com and Cisco Switches at the floor level to make them IEEE 802.1x compliant.
I have seen some UAC related configuration options in the SSG's, can some body please elaborate to me how a UAC solution could be induced to the enviornment as effectively as possible. The enviornmnet is Microsoft predominantly (XP and Vista clients) and the requirement is to utilize a UAC kind of a solution to verify the O/S patches and Antivirus (Kaspersky) signatures to be current and ensure no rogue elemnets get into the enwtrok, also an elemnet of coordinated threat control too would be an option we could put forward...
Appreciate any help please...
Ruwini, ths is actually a pretty big question to ask here. This is really a sales type question as there are a couple different ways to go with the implementation.
If the customer cannot replace non-802.1x switches due to cost, you can simple implement UAC as a layer 3 solution. This would involve using either the OAC client or an agentless option via a web browser. Both support host check, but OAC is a better solution as it also offers other benefits.
I would strongly suggest contacting your channel manger here at Juniper for some more indepth discussion on how best to sell to the customer.
Good luck and thanks for the question