Plantronics blackwire c620 headsets with avaya ip softphone, avaya ip agent and avaya one-x communicator - issue 1.1 (16 pages)
Summary of Contents for Avaya Endpoint Access Control Agent
Page 1
Avaya Endpoint Access Control Agent User’s Guide NN47230-501, 03.02 May 2011...
Page 2
Avaya or the applicable third party. Avaya does not guarantee that these links will work all the time and has no control over the availability of the linked pages.
Getting product training..........................9 Getting help from a distributor or reseller....................9 Getting technical support from the Avaya Web site.................. 9 Chapter 2: Installing the Avaya Endpoint Access Control Agent ........Navigation..............................11 Avaya EAC Agent............................. 11 Avaya EAC Agent icons..........................12 Supported platforms..........................
Page 4
Configuring the Avaya Endpoint Access Control Agent ..............42 Variable definition..........................43 Index............................. Avaya Endpoint Access Control Agent User’s Guide May 2011...
Configuring the Avaya Endpoint Access Control Agent on page 31 This guide is intended for network managers who are installing Avaya EAC Agent software. This guide assumes that you have experience with Graphical User Interfaces (GUIs), Windows operating systems, and familiarity with network management.
Page 6
Example: Protocols > IP identifies the IP command on the Protocols menu. vertical line ( | ) Options for command keywords and arguments. Enter only one of the options. Do not type the vertical line when you enter the command. Avaya Endpoint Access Control Agent User’s Guide May 2011...
Network Access Protection Network Policy Server Related publications For more information about Avaya VPN Gateway (AVG), see the following publications: • User Guide - Avaya VPN Gateway • Administrator Guide - Avaya VPN Gateway Avaya Endpoint Access Control Agent User’s Guide...
To download Adobe Reader, see http://www.adobe.com Customer Service Visit the Avaya Web site to access the complete range of services and support that Avaya provides. See www.avaya.com or see one of the pages listed in the following sections.
The Training contacts link is located on the left-hand navigation pane. Getting help from a distributor or reseller If you purchased a service contract for your Avaya product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance.
Page 10
Introduction Avaya Endpoint Access Control Agent User’s Guide May 2011...
Chapter 2: Installing the Avaya Endpoint Access Control Agent Avaya Endpoint Access Control (EAC) Agent enables you to impose a security policy on the client PC when it is connected to the corporate network through the Avaya VPN Router (AVR), Avaya VPN Gateway (AVG), or Secure Network Access Switch (SNAS), .
Avaya VPN Gateway. Avaya EAC Agent icons There is an icon defined for each of the three Avaya Endpoint Access Control (EAC) Agent states. The following table describes the color and state of each icon. Table 1: Avaya EAC Agent icons...
Avaya EAC Agent installation allows you to install bundled VM (which is 1.6.0_24) with Avaya EAC Agent. The VM is installed under the <AEACA install dir>\ jre directory. This JRE is local to the Avaya EAC Agent and is only used by Avaya EAC Agent. Web browsers are not affected by it.
• EacaCstVm_5.4.0_006.msi which bundles JRE 1.6.0_24; • EacaCstNoVm_5.4.0_006.msi without JRE. To install the Avaya EAC Agent customizable kits on Windows Vista or Windows 7 the user must run the installer using administrators privileges. Extra steps are needed to gain administrator privileges. You can open a DOS command console with the “Run as administrator”...
The Avaya EAC Agent displays an icon in the Windows system tray. The icon indicates Avaya EAC Agent status. This icon also appears in the About dialog box of the Avaya EAC Agent. Avaya Endpoint Access Control Agent User’s Guide...
Page 16
Modify the MSI files to replace the files under [INSTALLDIR]\resources\*.ico with these icon files. [*] To change the icons for the Avaya EAC Agent, use the following naming conventions: • iconGray.ico: Avaya EAC Agent inactive; normally gray • iconNormal.ico: Avaya EAC Agent user compliant; normally green •...
Page 17
1. Create an 170x350 BMP graphic named AboutImage.bmp. 2. Place the graphic in the directory named as %INSTALL_DIR%\resources\. Customizing Connection dialog box icon To customize the Connection dialog box icon, use the following steps: Avaya Endpoint Access Control Agent User’s Guide May 2011...
EAC Agent Tray Monitor includes an icon in the system tray and provides pop-ups for failures and menu options. If you are using Avaya EAC Agent with SNAS, then you must install the EAC Agent Tray Monitor component. The custom install options provide the following options to the end user: •...
Page 19
Avaya EAC Agent status log — The Avaya EAC Agent logs are an optional feature with Windows Installer. By default, logging is enabled for standard install. To view the Avaya EAC Agent Status log, right-click the Avaya EAC Agent icon in the system tray and select the Status menu option.
Installing the Avaya Endpoint Access Control Agent tray, even when Avaya EAC Tray Monitor is installed and running on the system. This feature works on registry settings on desktop PCs, so you can modify the registry settings to change the behavior.
NAP interoperability The Multi-OS support allows the Avaya EAC Agent to identify Linux operating system or Macintosh operating system users and collect the necessary information. The Avaya EAC Agent does not perform additional compliance checks for those operating systems. The following types of Linux operating system are supported: •...
Page 22
Installing the Avaya Endpoint Access Control Agent Avaya Endpoint Access Control Agent User’s Guide May 2011...
Monitor reports the health status of the computer to the user. SRS Rule Check Avaya EAC Agent waits for a user to connect to a VPN gateway. Before connecting, the Avaya EAC Agent state is set to Inactive and the tray icon is gray.
Page 24
New Error Occurred and the icon to green with red color X. If an SRS rule fails the user is notified by the Avaya EAC Agent. The rule message shown can be standard or custom, defined when the rule is created.
VPN gateway. Note: Avaya EAC Agent can be configured to operate in Run Once mode. This options enables client SRS rule checks only one time and the resulting access is provided until a session logout. The run once mode is applicable only for portal and SPO clients. It also prevents session exit due to heartbeat timeout and rechecks.
Page 26
SRS rule is checked. Viewing the Avaya NAP Enforcement Client Status After the user establishes a VPN connection the Avaya EAC Agent checks the SRS rule. If the rule check fails then the Avaya NAP Enforcement Client automatically pops-up a system tray balloon and notifies the user.
Page 27
• access Network and Sharing Center (Control Panel > Network and Internet > Network and Sharing Center) and click View Status in the Network Access Protection panel. The Network Access Protection dialog shows the security state of the computer. Avaya Endpoint Access Control Agent User’s Guide May 2011...
5. Click OK to close the Avaya EAC Agent Status Logs dialog box. Using the Avaya EAC Agent Applet The Avaya EAC Agent Applet is a web browser Java applet that can run on Windows and non- Windows operating systems.
Page 29
5. If Avaya EAC Agent Applet SRS rule check fails and the gateway tears down the tunnel, the user redirects to the login web page. The login status shows the last rule message.
Page 30
Using the Avaya Endpoint Access Control Agent 6. If the SRS rule is successfully checked, the user gains access to the portal. Periodically, Avaya EAC Agent Applet checks the SRS rule to determine if the user’s computer meets the security policy configured on the gateway.
The Avaya EAC Agent provides the option of single sign-on log on. The Avaya EAC Agent collects the log on credentials for each user login to the network domain. The Avaya EAC Agent forwards log on credentials to the SNAS server as a part of the log on request.
Variable definition Use the data in the following table to log on. Variable Value Profile Specifies the user profile, which is used to log on to the Avaya EAC Agent. Server Specifies the SNAS domain name. Username Specifies the user name.
Creating a user profile Use the following procedure to create a user profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. Avaya Endpoint Access Control Agent User’s Guide...
Page 34
Specifies that the Avaya EAC Agent obtains windows domain Information username when user log onto the PC. Use Profile Defined User Specifies that the Avaya EAC Agent uses the logon credentials Information that are given for the current profile. Avaya Endpoint Access Control Agent User’s Guide...
Use the following procedure to modify a user profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. 2. Click the User Profiles tab.
Page 36
Use the following procedure to create a system profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. Avaya Endpoint Access Control Agent User’s Guide...
Page 37
Managing profiles 2. Click the System Profile tab. 3. Specify the name of the server. 4. Click Add. The Add New System Id dialog box appears. Avaya Endpoint Access Control Agent User’s Guide May 2011...
Page 38
Use the following procedure to modify a system profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. 2. Click the System Profile tab.
Use the following procedure to create a global user profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. Avaya Endpoint Access Control Agent User’s Guide...
Page 40
Value Profile Name Specifies the unique name assigned to the user profile. Use Domain User Information Specifies that the Avaya EAC Agent gets the logon credentials from the domain. Use Profile Defined User Specifies that the Avaya EAC Agent uses the logon Information credentials that are given for the current profile.
Page 41
Use the following procedure to modify a global user profile. Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Manage SNAS Profiles. The Manage Profiles dialog box appears. 2. Click the Global User Profiles tab.
To use MSCAPI Certificates, Avaya EAC Agent must be installed with a bundled JRE or with JRE 6 or later . For JRE 6, Avaya EAC Agent trusts all the certificates that are present in the ROOT Certificate store on your system. If the Trusted Certificate is not found in the Avaya EAC Agent Keystore or MSCAPI ROOT Truststore on the system with JRE 6, System Profiles cannot log on to SNAS.
Page 43
Settings of Avaya EAC Agent Procedure steps 1. In the Windows taskbar notification area, right-click the Avaya EAC Agent icon, and select Configure. The Avaya EAC Agent Configuration dialog box appears. 2. Complete the Avaya EAC Agent configuration details. 3. Click OK to save the details.
Page 44
Configuring the Avaya Endpoint Access Control Agent Variable Value Default User Profile Specifies the default user profile. Log All Check Results Check to register all checking results on the Avaya EAC Agent. Enable Single Sign-on Check to enable single sign-on for the Avaya EAC Agent.
Page 45
Index conventions, text ............reseller ................. customer service ............distributor ..............text conventions ............documentation .............. training ................. Avaya Endpoint Access Control Agent User’s Guide May 2011...