Main Nav

Network Managers,

 We have been using Netreg (Southwestern version) for a long time, but there has been no work on it since 2007 as far as I can tell.  It doesn’t appear to be programmed for 64 bit systems.   So I am wondering what many of you are using to register your users on your network?  Are there any modern registration systems that are becoming popular in the public domain?


Tim Tyler

Network Engineer

Beloit College


********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at


We are switching to Infoblox this summer.

Kenneth V. Mattson III
Director - Network and Data
Creighton University
A password is like a toothbrush:
Choose a good one, change it regularly and don't share it.

Hi, Tim.  This may not be quite what you’re looking for, as we use a full commercial NAC setup instead of reg.  We implemented Perfigo in 2004.  Cisco was in the process of taking over the company at the time and rebranded it Cisco Clean Access (CCA).  We replaced CCA with Safe*Connect from Impulse Point in 2009.  Authentication/registration is pretty straightforward and similar, but the two products have some significant philosophical differences in their approach to hygiene checking.  CCA did very in-depth checking of every individual Windows update, and sometimes failed a machine that Windows was reporting as up to date.  Fixing those issues took a lot of support work on our part, and we spent many hours in the admin interface troubleshooting issues.  Safe*Connect, as we have it configured, just checks to make sure that Windows update is on and that a functioning and updated AV product is present.  I think that level of assurance strikes a good balance between reasonable protection and the support effort required to get there.  Most of our students are able to get their machines online through Safe*Connect without IT support.  The opposite was true with CCA.


I cannot recommend Safe*Connect highly enough, mostly because of the phenomenal support that they provide.  We go months at a time without either contacting them or even looking at the product’s admin interface – it’s truly “set it and forget it” technology.  If you’re even considering NAC, make sure they’re on your list.  If you happen to have Aruba wireless on campus, they integrate very well with that.





Charlie Prothero

Chief Information Officer

Keystone College


PacketFence is another open source one which has been in development for years.  It still is very much in active development and is deployed at some pretty big .edu institutions if I remember right.

Message from

Dot1x. Got an account? Got connectivity. Enables various buzzword-rich strategies. You're probably already using it for your wireless. Implement it as wired eduroam, and you've even solved a chunk of your 'visitors' problem. -- ian
Message from

I agree with you on your dot1x deployment, however, what about gaming consoles?  Do you have something that allows for those device types in your setup?  Many of them won't do dot1x authentication.

Josh Serba
Network Coordinator
Davenport University
p. 616.732.1164 | c. 616.318.7667

Message from

I don't know how other vendors do it, but Cisco's 802.1x (ISE) allows for what they call "Device Registration Webauth" in ISE Base, which is the base package without the expensive posture analysis Advanced component.

I can't vouch for that feature, but I'm installing the v1.1 demo now and will be testing that feature soon.

There is also MAB (MAC Address Bypass) which will send the MAC address as user/pw. Most radii servers can be setup to check a list of MACs to allow. Cisco called that approach '802.1x with holes'. Josh