Osx 10.9.3 microsoft NAP

Similar Messages

• Microsoft NAP

  Hi try to integrate 802.1x authentication with Microsoft NAP.
  I h've configured my Catalyst-3560 with Radius and the Radius-Server with dynamic VLAN assignement.
  And this all is working well.
  When I implement NAP on my 2008/Server, I never been able to verify the client: I allways see on the LOG of the server a message that the client is "no NAP-capable" - but in fact it is (W/XP+SP3).
  Is ther some specific command to configure on the Switch (beside of the "standard" Radius configuration) to allow NAP comunication?
  Thank's

  Cisco Network with Microsoft: Cisco integrated services routers (ISR) and Cisco Catalyst switches provide the ideal foundation for delivering unified communications applications for secure business-class, real-time communications and collaboration. Cisco integrated services routers are Microsoft-certified gateways for Microsoft Office Communications Server 2007 deployments.
  http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns171/ns466/ns812/guide_c07-491725.html

• Just wondering how netflix is making OSX users install a microsoft plug-in to stream movies to their iMacs

  just wondering how netflix is making OSX users install a microsoft plug-in to stream movies to their iMacs

  Tim,
  Only Netflix can answer that question.
  Perhaps Is microsoft Silverlight plug-in safe...: Apple Support Communities will provide you with some hope.

• Cisco NAC, Cisco ACS, Microsoft NAP, Anti Virus

  Hi,
  I'm doing a research on the Cisco NAC (without the appliance) concept and I would like to ask the following:
  1. Securing network access - Needed products are Cisco ACS and Cisco access devices (2960, for example). The feature needed is NAC Layer 2 IEEE 802.1x. Is this correct?
  2. Forcing Windows PC to download OS patches according to company policy. Needed products are Cisco ACS, Cisco access devices, Cisco Trust Agent and Microsoft NAP (Network Access Protection)? Is there a way to do this only with Windows Server (not using NAP)?
  3. Forcing Windows PCs to update Anti Virus software. Needed products are Cisco ACS, Cisco access devices, Cisco Trust Agent and Anti Virus server? Is this correct?
  Please, give me some advice.
  Thanks in advance,
  Mladen

  Thanks for the reply, but still I am a bit confiused (would you please try to answer the questions?):
  1. Securing network access - Needed products are Cisco ACS and Cisco access devices (2960, for example). The feature needed is NAC Layer 2 IEEE 802.1x. Is this correct?
  2. To force update of Windows patches, do I need a NAC appliance (I can only install CSACS)?
  3. To force AV updates, do I need a NAC appliance (I can only install CSACS)?
  I refer to
  "Implementing Network Admission Control Phase One Configuration and Deployment";
  "Network Admission Control Software Configuration Guide - Information About Network Admission Control".
  Thanks in advance,
  Mladen

• Cisco WLC and Microsoft NAP

  Hi, I want to integrate my Cisco WLC directly into Microsoft NAP. Is this possible?
  Thanks

  follow the table in the link http://www.cisco.com/en/US/docs/security/nac-nap/1.0/release/notes/NACNAPRN.html#wp1134942 for the integration of WLC and Microsoft NAP

• Cisco NAC and Microsoft NAP

  Dear all,
  I need to know what are the differences between Cisco NAC and Microsoft NAP ?
  Can NAP be used instead of NAC or not ? why ? why not ?

  I really do not know if you will find the answer that you are looking for. From what I remember NAP was an option that was available with the ACS via a special patch. This is only supported for vista clients if memory serves me correct.
  Here is the link that will help you with the basics.
  http://www.cisco.com/en/US/netsol/ns466/index.html
  We do not get much case volume or exposure to the NAP solution and with ACS 5.2 and ISE around the corner it might be too late to go through this setup and then run into issues with acs 4.2 possibly hitting eol/eos.
  Thanks,
  Tarik

• Is OSX lion compatible with microsoft office for mac 2008

  Can anybody out there please give me a definitive answer to this question: Is OSX Lion compatible with Microsoft Office for Mac 2008? The technical support people of both Apple and Microsoft could not provide me wth a useful answer to a question that must interest hundreds of thousands of people, if not millions. I don't want to download the new OS and then encounter nasty problems.

  Yes. The only problem you could face, is if you want to reinstall MS Office 2008 on Lion - this is not possible, because the installer runs on Rosetta, which is no longer supported in Lion. But if you already have Office installed, there should be absolutely no problems.

• Integrating Microsoft NAP with Cisco ASA

  Hello everyone,
  I'm quite new to the Cisco world. I wonder if and how it is possible to marry Cisco ASA with Microsoft NAP (in Terms of VPN Enforcement). Does anybody know some helpful documents? Is an ACS Server/Appliance necessary?
  Thanks in advance and kind regards

  Hello Jatin,
  thanks for your reply.
  Microsoft states that authentication via PEAP is necessary for NAP to work:
  "One security feature of PEAP is the transmission of Statement of Health (SoH) messages."
  (see http://blogs.msdn.com/b/openspecification/archive/2009/06/05/peap-phase-2-encapsulation-examples-for-a-client-authenticating-with-ms-chapv2.aspx?Redirected=true)
  However, I found this topic which states that PEAP auth. is not possible with the ASA: https://supportforums.cisco.com/thread/2028742
  Is that true?

• HT1338 Since updating to OSX Mountain Lion my Microsoft Word etc is not working. Why?

  Help with getting Microsoft Software operating

  If your screenname were CHEAPO instead of Cheppo, I would suggest that you purchase Snow Leopard Server for $19.99 from the Apple Store and install it into either Parallels or VMWare Fusion (retail = $79) and be able to continue to run your Microsoft Office 2004.
                                [click on image to enlarge]

• Is it possible to use the OSX dictionary lookup in Microsoft Word

  Hi All,
  Trying to figure out if I can use the quick dictionary lookup in Microsoft Word (sorry to mention the words in the Pages section). Either the three finger tap look-up, or the command - control - D or command- D function. I'm sick to death of the erroneous dictionary that Microsoft created along with Word.
  Eternally frustrated, I might have to swap back to Libre Office

  LibreOffice does not incorporate the Apple code that enables the keyboard, or three-finger tap dictionary access. With a given word selected, a right-click offers Synonyms on the contextual menu. At the bottom of the Synonyms sub-menu is Thesaurus… which will pop-up a window, which in the case of the word “cautiously,” provides the following (click to enlarge):

• Microsoft NAP ( Network Access Protection )

  We are using NPS server in our environment and running server 2008 r2 on it. our client machines are of windows 7 and window 8 ....  Basically my question is that if one of my client is getting quarantine Ip then how can we find that in our logs of
  NPS server that at what basis the system or a workstation is getting quarantine Ip.

  Hi,
  You may enable the accounting.
  To enable accounting on NPS, please follow the steps below,
  Expand console tree of Network Policy and Access Services
  Expand NPS
  Click Accounting
  Click Configure Accounting and follow the wizard
  For detailed information, please view the link below,
  Interpret Windows System Health Validator Entries in Log Files
  http://technet.microsoft.com/en-us/library/cc730901(v=ws.10).aspx
  Hope this helps.
  Steven Lee
  TechNet Community Support

• Is OSX Lion compatible with microsoft 2004 for Mac ?

  Hi,
  I heard that microsoft office 2004 for Mac is not compatible with mOSX Lion ?
  What is the matter ?
  Regards,
  Eric from Passy

  Hi Eric,
  No. It need Rosetta which is software that Apple licensed from IBM 5 years ago. This was when Apple switched from PowerPC chips to Intel. Microsoft have had 5 years to write a fix for this but they have not done so, instead they have updated later releases of Office that will work. Maybe Microsoft want you to buy the new version?
  I think I have read that OpenOffice will work with any Office 2004 documents.
  Regards,
  Colin R.
  PS Read the More Like Like links for further threads.

• Can't open Microsoft Office 2011 even after unistalling then reinstalling. Error message comes up before launch. What do I do? Can I fix this? I need to activate Microsoft Office within 15 days!!

  I recently got a new MacBook Pro Running on OSX Mavericks and used Time Machine to move my documents and applications. However Microsoft Office Student/ Home applications did not work and requested a product key. I did not have the product key for it as I had installed Microsoft a long time ago, so I purchased a new Mincrosoft Office 2011 Student/Home Pin to install Microsoft Office. Everything installed fine, however when I go to open it it failed to open.
  I need to activate my Microsoft Office within 15 days apparently and this is done when the application is launched. However none of the Microsoft Office applications do Launch (not Word, Powerpoint, Excel or Outlook).
  Whenever I tried to open one of the named above the Microsoft Error Reporting App would pop up and list the errors. I was advised on other support pages to disenable this app so I have done that but now Word is now giving its own error message saying:
  Process:    
  Microsoft Word [1380]
  Path:       
  /Applications/Microsoft Office 2011/Microsoft Word.app/Contents/MacOS/Microsoft Word
  Identifier: 
  com.microsoft.Word
  Version:    
  14.3.9 (14.3.9)
  Build Info: 
  Unknown-131030~0
  Code Type:  
  X86 (Native)
  Parent Process:  launchd [152]
  Responsible:
  Microsoft Word [1380]
  I don't know or understand what is stopping me from launching my Misrosoft Office. I am wondering if others have encountered similar problems with OSX Mavericks and the Microsoft Office 2011? Does anyone have any ideas of how I can get it to launch?
  I need to get hold of my Word and Powerpoint Documents ASAP.

  Build Info:
  Unknown-131030~0
  This indicates you had a bad install. You need to completely remove Office and reinstall using your new CD Key. See instructions here. Do not do the simple remove, Use the COMPLETELY REMOVE ALL FILES steps.
  http://www.officeformachelp.com/2012/12/office-for-mac-2011-remove-office/
  so I purchased a new Mincrosoft Office 2011 Student/Home Pin to install Microsoft Office.
  You don't purchase a PIN. A PIN is generated when you install Office. You need a CD Key. If you bought Office365, you activate online.
  I have issues with the Microsoft User Data - are there supposed to be two? and where exactly do they belon. They are in the Documents file at the moment.
  Unless you used Outlook or Entourage you can delete both Microsoft User Data folders. When you install Office it will create a new one. Only Outlook & Entourage used this folder for data. W,E,P stores it's data in the User's Library/Application Support/Microsoft folder now.
  For help with removing dulicatate fonts installed by Office see:
  Office 2011 Font Management with Mavericks

• Dot1x, PXE and NAP

  Hi Guys,
  Got a question:
  Trying to setup dot1x in an environment using Citrix Provisioning server.  This involves the following process:
  1. Workstation boots up using DHCP/Bootp, gets assigned an IP Address
  2. Downloades Desktop image
  3. Loads Workstation Image (Windows 7 Desktop)
  From a dot1x perspective this is what we get:
  1. Non-authenticated startup because it is using PXE there is no dot1x supplicant - port is assigned to a guest VLAN
  2. When the image is loaded the LAN card is restarted and the Windows 7 Client has dot1x supplicant
  3. Dot1x supplicant attempts authentication with either a pass or fail result.
  4. Authentication success port is enabled, authentication fail quarrantine vlan is assigned.
  Unfortunately we haven't been able to get this to work on the cisco switches because when the workstation moves from an non-authenticated startup (the guest VLAN) and is moved into an authenticated port that is enabled and goes to the main VLAN the workstation fails to complete startup because the change in VLAN interrupts the streaming to the Citrix provisioning server.  As far as we understand for this boot process to work the workstation needs to remain in the same VLAN.
  We tried to work around this by using per user ACL's however this doesn't work because if we don't configure a Guest VLAN for non-authorised ports, the port is disabled.  We can't configure the Guest VLAN to be the same as the Primary VLAN of the port as this stops dot1x from authenticating the port.
  Has anyone got a solution for this scenario.  Is there a way to configure per user ACL's using dot1x which allows a non-authorised port be be enable but allow us to assign a per user acl to the port for authorised machines?  The solution that is most likely to works is one that doesn't involve the use of different VLAN's execpt for perhaps a remediation VLAN for authorisation failed machines.
  I hope this make sense and I hope there is someone out there that can help.
  Regards,
  He-Wun Kim

  Hi,
  We don't want to change the VLAN the main issue is that we can get the authentication to work i.e.:
  The workstation using PXE boots up in the non-authenticated guest LAN, which has access to the provisioning servers, the image is downloaded and then loads.
  The operating system boots up and successfully authenticates using Microsoft NAP as the supplicant, and is assigned to the port is authorized.
  The problem is that the Guest VLAN and Authorized VLAN which is the default VLAN that the port is configured to be a part of are obviously on different IP subnets and the workstation as part of the process gets a new IP Address assigned when the Operating System boots, it is this CHANGE of vlan that breaks the provisioning process  the VLAN port membership cannot change in order for the solution to work.  We tried configuring the following using Radius VSA in which the Radius Server supplies the access-list name/number to use:
  No Guest VLAN - The result, the PXE boot fails because the port is disabled when there is no dot1x authentication attempt made
  Guest VLAN and Authorised VLAN the same - Fails because the switch doesn't allow this configuration authentication is disabled
  Again the problem we have is that we are going from a non-authenticated to authenticated mode on the workstation, and there doesn't appear to be away to have the same workstation to remain on the same subnet for the duration of the boot and provisioning process.
  We have looked at the MAC authentication option (which is what Citrix recommends) but we do prefer to use NAP/dot1x as it performs a number of health checks which are extremely useful in keeping our network nice and secure.
  Regards,
  He-Wun Kim

• ACS5 and MS NAP

  All,
  Can I just check my thinking?
  In the old ACS 4 world you could use HCAP to offload posture checking to Microsoft NAP as in:
  http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns171/ns466/ns812/guide_c07-491729.html
  I don't see anything for this in ACS 5, in fact the migration notes suggest "Posture Checking" is "N/A":
  http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/migration/guide/Appendix_B_Config_Mapping.html
  But that's all I can find to suggest its gone (other than not seeing it in the ACS configuration).
  Can anyone confirm? Is this to push us towards ISE? Are there other options?
  Cheers for the help!

  Paul,
  Your thinking is correct. this was a feature that was only supported in ACS 4 and from my memory (my days in TAC) customers had to work with their local SE to get the key which activates this feature.
  www.cisco.com/en/US/docs/security/nac-nap/1.0/release/notes/NACNAPRN.html#wp1161060
  Thanks,
  Tarik Admani
  *Please rate helpful posts*