The burden will then fall on the implementor. You must take ownership and
test to ensure whatever radius box you choose provides the appropriate
capabilities you need with the gear you will be using as the enforcement
devices at your access layer. Really going to push you towards more of a
standards based implementation due to a lack of cross vendor functionality
in terms of the advanced features. I don't think there is a clear winner
but rather understanding the fact that you will want to try and make the
deployment as standardized as possible taking into account what is
supported across all the across the various platforms so that the user
experience is the same whether the user/device is plugging into the network
on a Cisco or another vendor's switch. The clear challenges would be
around the advanced functions such as web based authentication for
wired/wireless, Posture assessment, dynamic profiling, dynamic
provisioning, role based access control, and the various BYOD scenarios.
These tend to only be deployable in homogeneous network environments.
It's suppose it's possible but as an operator I would not want to support
it. Just keep in mind the testing necessary when you change code on any
piece of the solution. You would need to ensure all of the vendors
involved are included in the testing before making a changes to the
equation. On the other hand vanilla 802.1x based deployments with a simple
permit or deny type enforcement should operate uniformly across the vendors
and really is just a function of the 802.1x implementation on the access
device.
Greg Stemberger
On Tue, Jul 23, 2013 at 4:03 AM, Cikekhuah <cikekhuah_at_gmail.com> wrote:
> Hi Colleagues,
>
> Which NAC solution between these two vendors do u think is more suitable
> for a mixed environment having Cisco, Juniper n Huawei boxes at remote
> sites. I was thinking there might be compatibility issues, deployment mode
> issues etc. Also how is 802.1x compatibility managed between these two
> vendors?
>
> Appreciate your candid opinion
>
> Chris
>
>
> Sent from my iPad
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jul 30 2013 - 22:04:11 ART
This archive was generated by hypermail 2.2.0 : Thu Aug 01 2013 - 08:45:51 ART