A legend for the test failure icons can be accessed in the upper right-hand corner as shown in the
following figure.
Figure 128: NAC Policy Test Failure Icons
14 Enable a test in the NAC policy by clicking the checkbox next to the test name.
15 Select a test by clicking the test's name to the right of its associated checkbox.
16 Select one or more Test failure actions. These actions are taken when an endpoint fails the test.
Quarantine the endpoint - Select this action if an endpoint that fails the test is to be quarantined.
■
NOTE
The option to quarantine endpoints that fail a test is not available for NAC policies having a Trust level of whitelisted
or blacklisted. Whitelisted endpoints are never quarantined and blacklisted endpoints are always in quarantine.
However, tests that are enabled will be performed on endpoints even if they are whitelisted or blacklisted.
immediately - Select this option if you want to quarantine the endpoint as soon as it fails the
●
test.
after a grace period of - Select this option if you want to give the endpoint user time to fix the
●
problem. Enter the grace period's amount of time and units (for example, 24 hours).
Send an email notification - Select this option to have an email message sent if an endpoint fails
■
the test. All recipients of the Notifications for the testing enforcement cluster will be sent the
message.
NOTE
Notifications for the testing enforcement cluster must be configured with at least one email recipient. See
"Notifications" on page 126
Initiate a patch manager - Select this option to notify the patch manager client that the endpoint
■
needs to be patched if it fails this test.
Sentriant AG Software Users Guide, Version 5.3
for more information.
NAC Policies
213