Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008 User Manual page 152

Troubleshooting Quarantined Endpoints
Table 4-1

Enforcement Mode: DHCP (Endpoint enforcement mode)

How endpoints are quarantined and redirected to Novell ZENworks Network Access Control

DHCP server (Novell ZENworks Network Access Control) gives the endpoint:
- Quarantine range IP address (*)
- 255.255.255.255 netmask (effectively blocks outgoing traffic from the endpoint)
- No default gateway
- Novell ZENworks Network Access Control server's IP as DNS server (will resolve everything except accessible devices to the Novell ZENworks Network Access Control IP address)

The switch is configured with additional IP helper addresses to forward broadcast DHCP requests to ESs as well as production DHCP servers.

How quarantined endpoints reach accessible devices

DHCP server (Novell ZENworks Network Access Control) also sends:
- A static route to the Novell ZENworks Network Access Control server IP via a gateway (*)
- Static routes to any IP addresses defined in Accessible services

Novell ZENworks Network Access Control DNS — Novell ZENworks Network Access Control will add any names listed in Accessible services to the named.conf file so the endpoint will be able to resolve the names (to get the real IP). Unless there are corresponding static routes, the endpoint will not be able to access them directly.

Novell ZENworks Network Access Control Web Proxy — The Novell ZENworks Network Access Control server also advertises a Web proxy server for endpoints that autodetect Web proxies. This proxy will redirect all Web requests through Novell ZENworks Network Access Control, and traffic destined for names in Accessible services will be proxied through Novell ZENworks Network Access Control.

NOTE: Windows update does not honor autoproxy. Workarounds include:
- Adding Windows update hostnames AND IP addresses to Accessible services, or
- Manually setting Novell ZENworks Network Access Control as the proxy (this would require reversing this setting once a system was out of quarantine).
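
The following Python example is added here and is not part of the Novell manual: it checks a quarantined endpoint's DHCP lease against the values in Table 4-1 and models whether the endpoint can reach a given address directly. The addresses, the lease dictionary layout and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values; none of these addresses come from the manual.
NAC_IP = "10.1.1.10"
QUARANTINE_NET = "10.99.0.0/24"
LEASE = {
    "ip": "10.99.0.25",
    "netmask": "255.255.255.255",
    "gateway": None,
    "dns": ["10.1.1.10"],
    # (destination, gateway) pairs handed out as DHCP static routes
    "static_routes": [("10.1.1.10", "10.99.0.1"), ("10.1.5.20", "10.99.0.1")],
}

def check_quarantine_lease(lease, nac_ip, quarantine_net):
    """Return the ways a lease deviates from the Table 4-1 quarantine profile."""
    problems = []
    if ipaddress.ip_address(lease["ip"]) not in ipaddress.ip_network(quarantine_net):
        problems.append("IP address is outside the quarantine range")
    if lease["netmask"] != "255.255.255.255":
        problems.append("netmask is not 255.255.255.255")
    if lease["gateway"]:
        problems.append("a default gateway was assigned")
    if lease["dns"] != [nac_ip]:
        problems.append("DNS server is not the NAC server")
    if not has_route(lease, nac_ip):
        problems.append("no static route to the NAC server")
    return problems

def has_route(lease, dest_ip):
    """True if one of the lease's static routes covers dest_ip."""
    dest = ipaddress.ip_address(dest_ip)
    return any(dest in ipaddress.ip_network(net, strict=False)
               for net, _gw in lease["static_routes"])

def reachable_directly(lease, dest_ip):
    """Model the endpoint's routing decision for dest_ip under this lease."""
    on_link = ipaddress.ip_network(f'{lease["ip"]}/{lease["netmask"]}', strict=False)
    if ipaddress.ip_address(dest_ip) in on_link:
        return True              # with a /32 mask this is only the endpoint itself
    if has_route(lease, dest_ip):
        return True              # NAC server or an Accessible services IP address
    return bool(lease["gateway"])  # quarantine leases have none, so traffic stops here

if __name__ == "__main__":
    print(check_quarantine_lease(LEASE, NAC_IP, QUARANTINE_NET))
    # 10.1.5.21 stands for a name added to Accessible services without its IP address
    for ip in ("10.1.1.10", "10.1.5.20", "10.1.5.21"):
        print(ip, reachable_directly(LEASE, ip))
```

The last address illustrates the DNS case in the table: the name resolves to its real IP, but without a matching static route the endpoint cannot reach it directly.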
