cancel
Showing results for 
Search instead for 
Did you mean: 

 hi,

is there any way to obtain Rogue System Detection API to block Rogue Systems by NAC solutions?

2 Solutions

Accepted Solutions
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 10 of 10

Re: RSD API

Jump to solution

Are you asking for an api that will give you a list of rogue systems so you can then import that into your NAC to address them?  You can run a query through the api for detected systems that would give you that info. 

We do have a great Network Access Control device - Network Security platform.  One of the features includes this option:

NAC hosts involves regulating access to network resources based on host Operational Status level (Standard/ DHCP NAC), identity of the user logged into the host (IBAC) or both, and OOB NAC (L2, L3 ). The Sensor also provides the Hybrid NAC functionality where a host is first subjected to DHCP-NAC and then Standard NAC at different ports of the same Sensor

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 7 of 10

Re: RSD API

Jump to solution

Hi @farhook14 

I am afraid I do not have the best NEWS for you, but at the very least it could clarify your query on this page.

So, McAfee does not have a NAC solution that can be integrated with RSD(Not that I am aware of, we used to have something called MNAC, not any more). Hence we may not be able to quarantine any machine that is found to be outdated with definitions or does not have AV installed on it.

You may use the report you get out of RSD and use the IP addresses/Hostnames to feed to your DHCP -NAC as suggested above to stop provisioning IPs to them.

The takeaway is I am afraid we do not have a solution that integrates directly with RSD and provides host level NAC.

I sincerely hope this information helps.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

9 Replies
McAfee Employee vivs
McAfee Employee
Report Inappropriate Content
Message 2 of 10

Re: RSD API

Jump to solution

Hello,

I would like to request you to please open a Service Request with Technical Support Team, So they can check and provide you the correct information.

https://support.mcafee.com/webcenter/portal/supportportal/pages_home

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

McAfee Employee LKS
McAfee Employee
Report Inappropriate Content
Message 3 of 10

Re: RSD API

Jump to solution

Hi farhook14,

Could you please clarify your question a little bit more. Are you asking is there a Web API script for RSD...?

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a soultion" if this reply resolves your query!

 

Re: RSD API

Jump to solution

I want to buy a Network Access Control (NAC) solution to quarantine systems that not compliant with our company policy. for example systems that don't have a AV or AV installed on them is outdated. RSD can detect rogue systems but can not block them to access LAN network for this reason i want to use NAC solutions that integrate with McAfee RSD.

McAfee Employee LKS
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: RSD API

Jump to solution

Hi farhook14,

If you are looking for a product to purchase, then you have to reach out to your sales account manager.

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a soultion" if this reply resolves your query!

McAfee Employee vivs
McAfee Employee
Report Inappropriate Content
Message 6 of 10

Re: RSD API

Jump to solution

Hello,

Thanks for your response.

Here we can suggest you to please reach out to sales team and let them know your requirements.

If you have any dedicated sales account manager , Please check with him.

Also you can call us on our toll free number or you can initiate a chat session with us.

https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_...

If you need a call back from our sales team please fill the details:


https://www.mcafee.com/enterprise/en-us/forms/contact-me.html

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 7 of 10

Re: RSD API

Jump to solution

Hi @farhook14 

I am afraid I do not have the best NEWS for you, but at the very least it could clarify your query on this page.

So, McAfee does not have a NAC solution that can be integrated with RSD(Not that I am aware of, we used to have something called MNAC, not any more). Hence we may not be able to quarantine any machine that is found to be outdated with definitions or does not have AV installed on it.

You may use the report you get out of RSD and use the IP addresses/Hostnames to feed to your DHCP -NAC as suggested above to stop provisioning IPs to them.

The takeaway is I am afraid we do not have a solution that integrates directly with RSD and provides host level NAC.

I sincerely hope this information helps.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Highlighted
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 8 of 10

Re: RSD API

Jump to solution

Network Access control device can quarantine a system before it even reaches the network which would be before any RSD on an internal system might see it.  It doesn't have to be integrated with RSD and is better on the external perimeter of the network.  So, yes, we do have an appliance that will do what you want.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 9 of 10

Re: RSD API

Jump to solution

@cdinet :

Excellent info! Thanks for clarifying that!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 10 of 10

Re: RSD API

Jump to solution

Are you asking for an api that will give you a list of rogue systems so you can then import that into your NAC to address them?  You can run a query through the api for detected systems that would give you that info. 

We do have a great Network Access Control device - Network Security platform.  One of the features includes this option:

NAC hosts involves regulating access to network resources based on host Operational Status level (Standard/ DHCP NAC), identity of the user logged into the host (IBAC) or both, and OOB NAC (L2, L3 ). The Sensor also provides the Hybrid NAC functionality where a host is first subjected to DHCP-NAC and then Standard NAC at different ports of the same Sensor

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community