Microsoft IAS/NPS Integration
Quick bit of info, NPS (IAS 2008) must be set to create "IAS (Legacy)" formated log files for enVision to recognize them. Note that we're still seeing large numbers of messages that are not being parsed correctly, but this change did allow many messages to be parsed at least at the header level.
Also note that the device configuration guidelines do not mention setting the NPS server to multi-device (something many enVision ventrans probably wouldn't get tripped up on) and also mention configuring the NIC ODBC service, which is not at all relevant to the agentless Windows and File Reader service that most sites use for this device type.
We just migrated to the new Network Policy Server from a legacy IAS installation.
I managed to get the logs into enVision, by select "IAS" as the log format type, but just as you mentioned, there are more messages parsed as "Unknown" than IAS.
Let us see when RSA steps up and delivers the enhancement.
Considering as how the parser hasn't been updated since mid-2009, I wouldn't hold your breath. It's nowhere on the ESU roadmap. I'm amazed there isn't any support for this Radius server in enVision beyond what looks extremely limited event types (none of which deal with authentication traffic).