Endpoint Activity
Quickly Viewing Endpoint Access Control Status
The following list describes most common reasons why an endpoint could have been given the access
control status quarantined or granted access:
Quarantined—The endpoint has been assigned a quarantined IP address.
●
Administratively quarantined—In the Change endpoint access status window, the administrator
■
has selected Temporarily quarantine for an specified time frame. For more information about
temporary quarantines, see
Post-connect quarantine—The endpoint has been quarantined because a post-connect service
■
requested the temporary quarantine. For more information, see
Server" on page
NAC policy—The endpoint has been quarantined as dictated by its assigned NAC policy.
■
Common examples include:
The NAC policy assigned to the endpoint has an Trust level of guilty until proven innocent or
●
innocent until proven guilty, and the endpoint failed one or more compliance tests in the NAC
policy.
The NAC policy assigned to the endpoint has an Trust level of blacklisted.
●
The endpoint is a Unix server and its assigned NAC policy does not have Unix/Linux selected
●
as one of the Allowed unsupported OSs.
Granted access—The endpoint has been assigned a non-quarantined IP address.
●
Allow all access mode—The endpoint would have been quarantined; however, the enforcing
■
cluster's Access mode is set to allow all.
Administratively granted access - In the Change endpoint access status window, the
■
administrator has selected Temporarily grant access for a specified time frame. For more
information about temporary access grants, see
page
149.
NAC policy—The endpoint has been granted network access as dictated by its assigned NAC
■
policy. Common examples include:
The NAC policy assigned to the endpoint has an Trust level of guilty until proven innocent or
●
innocent until proven guilty, and the endpoint passed all tests in the NAC policy.
The NAC policy assigned to the endpoint has an Trust level of whitelisted.
●
The NAC policy assigned to the endpoint has an Trust level of guilty until proven innocent or
●
innocent until proven guilty, and the endpoint failed one or more compliance tests, but as
specified by those tests, the endpoint user has been given a grace period in which to correct the
issues.
Error with access control - An error occurred while attempting to quarantine or grant network
●
access to an endpoint. This status will appear in the primary filtering area only if errors occurred
with one or more endpoints.
For a detailed description of how an endpoint is assigned an access control status, see
Precedence" on page
144
"Temporarily Quarantining Endpoints" on page
381.
367.
"Configuring the Post-connect
"Temporarily Granting Access to Endpoints" on
Sentriant AG Software Users Guide, Version 5.3
150.
"Access Control