Introduction
23
no
vd
ocx
(e
n)
24
Ma
rch 20
09
NAC Policy Definition
NAC policies consist of individual tests that evaluate the security status of endpoints attempting to
access the network. Specific tests assess operating systems, verify that key hotfixes and patches
have been installed, ensure antivirus and other security applications are present and up-to-date,
detect the presence of worms, trojans, and viruses, and check for potentially dangerous applications
such as file sharing, peer-to-peer (P2P), or spyware. See
Appendix B, “Tests Help,” on page 393
for
more information.
Key features include:
Out-of-the-box NAC policies
— High, medium, and low security are ready to use with no
additional configuration required.
Standard and custom tests
— Novell ZENworks Network Access Control comes with a
broad range of tests. You can also create custom tests through the Novell ZENworks Network
Access Control application programming interface (API).
Automatic test updates
— Novell ZENworks Network Access Control is automatically
updated with tests that cover newly released patches, hotfixes, software updates, worms, and
trojans, and recommended security settings for common applications. New tests are
automatically added to the test database as frequently as hourly, ensuring immediate protection
against newly discovered threats.
Organization-specific policies
— Any number of NAC policies can be created and tailored to
your organizational needs. Create policies for like endpoints (for example, all Windows 2000
workstations), for an IP range or specific IPs, or by geographic location.
Endpoint Testing
Novell ZENworks Network Access Control automatically tests all endpoints attempting to access
your network through a LAN, RAS, VPN, or WiFi connection. Tests are fast and you are kept
informed of test progress and results. After the initial compliance tests, Novell ZENworks Network
Access Control periodically tests endpoints that have been granted access to ensure that real-time
system changes do not violate the NAC policy.
TIP:
Novell ZENworks Network Access Control passes approximately 9 to 16 kilobytes of total
data between a single endpoint and a single Novell ZENworks Network Access Control server for a
single testing session with the High Security NAC policy (approximately 20 tests). It typically takes
between 5 and 10 seconds to all tests in a policy on a 100Mb LAN. If your endpoints are taking
longer to test, there might be a configuration problem with DNS on the Novell ZENworks Network
Access Control server.
NOTE:
If the end-user selects ActiveX test and then closes the browser, their endpoint is not
retested until the end-user opens another browser session, reloading the ActiveX agent.
Key features include:
Multiple test method options
— Agentless, ActiveX, or NAC Agent. Select the most
appropriate method for your environment or endpoint.
Содержание ZENworks Network Access Control 5.0
Страница 4: ...4 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 14: ...14 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 Glossary 525 ...
Страница 136: ...136 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 156: ...156 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 216: ...216 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 224: ...224 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 226: ...226 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 Figure 8 1 Inline Installations ...
Страница 227: ...High Availability and Load Balancing 227 novdocx en 24 March 2009 Figure 8 2 DHCP Installation ...
Страница 234: ...234 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 294: ...294 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 310: ...310 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 328: ...328 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 378: ...378 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 384: ...384 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 392: ...392 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 436: ...436 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 442: ...442 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 450: ...450 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 460: ...460 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 524: ...524 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...
Страница 534: ...534 Novell ZENworks Network Access Control Users Guide novdocx en 24 March 2009 ...