Table of Contents
Advertisement
NAC Policy Definition
NAC policies consist of individual tests that evaluate the security status of endpoints attempting to
access the network. Specific tests assess operating systems, verify that key hotfixes and patches
have been installed, ensure antivirus and other security applications are present and up-to-date,
detect the presence of worms, trojans, and viruses, and check for potentially dangerous applications
such as file sharing, peer-to-peer (P2P), or spyware. See
more information.
Key features include:
Out-of-the-box NAC policies — High, medium, and low security are ready to use with no
additional configuration required.
Standard and custom tests — Novell ZENworks Network Access Control comes with a
broad range of tests. You can also create custom tests through the Novell ZENworks Network
Access Control application programming interface (API).
Automatic test updates — Novell ZENworks Network Access Control is automatically
updated with tests that cover newly released patches, hotfixes, software updates, worms, and
trojans, and recommended security settings for common applications. New tests are
automatically added to the test database as frequently as hourly, ensuring immediate protection
against newly discovered threats.
Organization-specific policies — Any number of NAC policies can be created and tailored to
your organizational needs. Create policies for like endpoints (for example, all Windows 2000
workstations), for an IP range or specific IPs, or by geographic location.
Endpoint Testing
Novell ZENworks Network Access Control automatically tests all endpoints attempting to access
your network through a LAN, RAS, VPN, or WiFi connection. Tests are fast and you are kept
informed of test progress and results. After the initial compliance tests, Novell ZENworks Network
Access Control periodically tests endpoints that have been granted access to ensure that real-time
system changes do not violate the NAC policy.
TIP: Novell ZENworks Network Access Control passes approximately 9 to 16 kilobytes of total
data between a single endpoint and a single Novell ZENworks Network Access Control server for a
single testing session with the High Security NAC policy (approximately 20 tests). It typically takes
between 5 and 10 seconds to all tests in a policy on a 100Mb LAN. If your endpoints are taking
longer to test, there might be a configuration problem with DNS on the Novell ZENworks Network
Access Control server.
NOTE: If the end-user selects ActiveX test and then closes the browser, their endpoint is not
retested until the end-user opens another browser session, reloading the ActiveX agent.
Key features include:
Multiple test method options — Agentless, ActiveX, or NAC Agent. Select the most
appropriate method for your environment or endpoint.
Appendix B, "Tests Help," on page 393
for
Introduction
23
Advertisement
Table of Contents
Related Manuals for Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008
Related Products for Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008
- NOVELL ZENWORKS NETWORK ACCESS CONTROL 5.0 - INSTALLATION GUIDE 09-22-2008
- Novell 3.6 05-2008
- Novell Access Manager 3.1 SP 1
- Novell Access Manager 3.1 SP 2
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
- NOVELL ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
- NOVELL ACCESS MANAGER 3.1 SP1 - S 11-20-2009
- NOVELL ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010
- NOVELL ACCESS MANAGER 3.1 SP2 - J2EE AGENT GUIDE 2010
- NOVELL ACCESS MANAGER 3.1 SP2 - README 2010
- NOVELL ACCESS MANAGER 3.1 SP2 - SSL VPN USER GUIDE 2010
- Novell Access Manager 3.1 SP2 Beta 1
- NOVELL ACCESS MANAGER 3.1 SP2 BETA 1 - SCENARIOS 2009
- Novell Account Management 2.1
- NOVELL ADMINSTUDIO 9.5
- NOVELL APPARMOR - AND