Inline Quarantine Method - Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008 User Manual

Inline Quarantine Method

Inline is the most basic Novell ZENworks Network Access Control installation. When deploying Novell ZENworks Network Access Control inline, Novell ZENworks Network Access Control monitors and enforces all endpoint traffic. Novell ZENworks Network Access Control allows endpoints to access the network or blocks endpoints from accessing the network based on their Internet Protocol (IP) address with a built-in firewall (iptables).

When Novell ZENworks Network Access Control is installed in a single-server installation, Novell ZENworks Network Access Control becomes a Layer 2 bridge that requires no changes to the network configuration settings.

When Novell ZENworks Network Access Control is installed inline in a multiple-server configuration, as shown in Figure 9-1 on page 230, the multiple ESs form a Layer 2 bridge that spans two switches, resulting in a network loop. This is an undesirable situation. To prevent it, you may have to configure the switch that connects the Novell ZENworks Network Access Control ESs to use Spanning Tree Protocol (STP), if STP is not already configured. STP automatically detects the loop and closes one of the offending ports on the switch, based on the switch configuration. If an ES becomes unavailable, the switch automatically reconnects the previously closed port so that there is always a path from the VPN to an ES.

See the Novell ZENworks Network Access Control Installation Guide for more information on installing Novell ZENworks Network Access Control in inline mode.