We are preparing for a posture PoV. I wanted to validate that we'd be able to accomplish the following requirements.
Here are the minimum requirements for posture:
Solution must be capable of device fingerprinting, looking at a combination of MAC, running services, and network behavior.
Solution must track the device, ensuring it stays on the VLAN it was placed on.
If the device is owned by our enterprise, the solution should verify that the normal support solutions (LANDesk, Trend) are in place and running.
Granular access to IoT devices (Apple TV, Chromecast or Sonos) on large single broadcast subnets, e.g. we have a Sonos speaker in a /22 space; how can we make the device visible to IP addresses / hosts X, Y, Z only?
Outside vendor access – ease of connecting to network after security posturing. Agent / agentless; what does installing AnyConnect on the end device look like, and how easy is it to manage? The process of a device being untrusted after posturing (put in a segregation VLAN) vs a trusted device.
Device discovery – What information is discovered about hosts on a subnet, and how easy is it to create specific policy enforcement for a discovered device, e.g. a blood gas machine on the 7th floor only needs access to server XYZ?