Chapter 13: Remote Device Activity Capture; Creating A Dac Host - Extreme Networks Sentriant AG Software User's Manual

13 Remote Device Activity Capture
This section describes two ways to achieve Remote Device Activity Capture (RDAC):

Creating a DAC host

●
Using the Infoblox connector
●
Creating a DAC Host
Sentriant AG auto-discovers endpoints on your network so that the testing and transition from
quarantine to non-quarantine areas happens quickly and smoothly after an endpoint is booted up.
Sentriant AG also relies on auto-discovery functionality to track DHCP IP address transitions so that it
can continue to communicate seamlessly with endpoints after an IP change. The utility used for auto-
discovery is Device Activity Capture (DAC). DAC listens or sniffs the network for, most importantly,
DHCP traffic, but can be configured to discover other types of IP traffic if needed (such as from static IP
addresses). DAC listens for DHCP ACK (a unicast from the DHCP server to the endpoint) messages so
that it knows exactly when an endpoint has received a new IP address and can be tested with a TCP/IP
connection. DAC works in a number of configurations:
DHCP (Router) and Inline Mode—DAC runs on the Enforcement Servers (ES) and discovers
●
endpoints when they generate traffic across the ES bridge. There is no need for you to do any extra
configuration of DAC in these modes.
802.1X Mode
●
Mirror Port—DAC runs on the ESs. The eth1 interface of the ES is connected to a mirror port on
■
a switch that mirrors DHCP traffic. The eth1 interface can also be configured to listen on a mirror
port for other types of traffic to discover endpoints with static IP addresses. Select the local radio
button in the Home window>>System configuration>>802.1X Quarantine
method>>Quarantining window to enable this mode.
Remote DAC (RDAC)—DAC runs as a standalone service on a Windows DHCP server and
■
relays DHCP information back to the ESs. DAC can also be configured to run on a non-DHCP
server to discover endpoints with static IP addresses. Select the remote radio button in the Select
the local radio button in the Home window>>System configuration>>802.1X Quarantine
method>>Quarantining window to enable this mode.
This section explains how to install DAC on a remote system. For Windows servers, use the Windows
installer to set up the first interface, then manually add other interfaces.
NOTE
When DAC is installed on the ES, it is sometimes referred to as Embedded DAC (EDAC). When DAC is installed
remotely, it is sometimes referred to as Remote DAC (RDAC).
Your DAC host can be a Windows server. This section provides instructions on setting up a Windows
host.
Sentriant AG Software Users Guide, Version 5.3
271