Application Of Ead - 3Com 3C13636 Configuration Manual

3Com Router 3000 Ethernet Family
Configuration Guide
Management and control. EAD provides a user management platform
incorporating access policy, security policy, service policy, and security event
monitoring. It can help the network administrator to customize network policies
based on user identity. Moreover, in conjunction with the security policy server
and the security client, EAD can implement mandatory security configuration and
security event monitoring for endpoints.
The EAD solution for routers incorporates portal+. Portal+ is an enhancement to portal.
Different from portal where forcible authentication is supported only for HTTP requests,
portal+ can cooperate with the EAD client to provide security authentication in addition
to access authentication.

4.1.1 Application of EAD

Intern
Internet
Security
cooperation
device
Security client
Third-party antivirus client
Figure 4-1 Network diagram for EAD combined with portal authentication
Portal authentication-combined EAD involves five types of devices; they are described
in the following subsections.
II. Security client
Security client is installed on endpoints for endpoint authentication, security assess,
and security policy enforcement. It functions to:
Provide portal authentication. In conjunction with a security cooperation device,
for example, a router, it can control endpoint admission.
Check the security compliance of endpoints by checking OS version,
completeness of system patches, and other information. In conjunction with the
CAMS platform
et
Firewall
核 心
Core
网
network
安全联动
设 备
3Com Corporation
CA
MS
CAMS client management proxy
隔 离 隔 离
Isolation
Third-party antivirus server
区 区
zone
Patch server
4-2
Chapter 4 EAD Configuration
CAMS security
policy server