2-1
2
Quick EAD Deployment Configuration
Introduction to Quick EAD Deployment
Quick EAD Deployment Overview
As an integrated solution, an endpoint admission defense (EAD) solution can improve the overall
defense power of a network. In real applications, however, deploying EAD clients proves to be
time-consuming and inconvenient.
The device enables the quick deployment of EAD clients by implementing mandatory EAD client
distribution through 802.1x authentication.
Operation of Quick EAD Deployment
The device implements quick EAD deployment by leveraging the following two functions to enable
mandatory EAD client distribution:
Restricted access
Before passing 802.1x authentication, a user is restricted (through ACLs) to a specific range of IP
addresses or a specific server. Services like EAD client upgrading/download and dynamic address
assignment are available on the specific server.
HTTP redirection
Whenever a user accesses the Internet through the Internet Explorer (IE) before passing 802.1x
authentication, the device redirects the user to a predefined URL, such as the EAD client download
interface.
With the above two functions of quick EAD deployment, the device redirects all users to a server to
download and install the EAD client, resolving the EAD client deployment problem.
The quick EAD deployment feature takes effect only when the authorization mode of an 802.1x-enabled
port is set to
auto
.
Configuring Quick EAD Deployment
Configuration Prerequisites
z
Enable 802.1x on the device.
z
Set the port authorization mode to
auto
for 802.1x-enabled ports.