Inline—When using the inline quarantine method, Sentriant AG must be placed on the network
■
where all traffic to be quarantined passes through Sentriant AG. It must be inline with an
endpoint like a VPN.
3 Click ok.
Selecting the Access Mode
To select the access mode:
Home window>>System configuration>>Quarantining
1 Select one of the following in the Access mode area:
normal—Either allows or quarantines endpoints as dictated by each endpoint's assigned NAC
■
policy.
allow all - Endpoints are tested as required by their assigned NAC policies; however, they are
■
always granted access to the production network.
NOTE
If you are setting up a cluster for the first time, and you have not yet added an ES, select allow all until you have
finished configuring Sentriant AG.
Quarantining, 802.1X
The 802.1X quarantine (enforcement) method is enabled by default.
To select the 802.1X quarantine method:
Home window>>System configuration>>Quarantining
1 Select a cluster.
2 In the Quarantine method area, select the 802.1X radio button.
3 Click ok.
Entering Basic 802.1X Settings
To enter basic 802.1X settings:
Home window>>System configuration>>Quarantining>>802.1X quarantine method radio button
1 In 802.1X enforcement mode, the Enforcement servers must be able monitor DHCP conversations
and detect endpoints by sniffing network traffic as it flows between the DHCP server and the
endpoints. Select an Endpoint detection location radio button as follows:
Sentriant AG Software Users Guide, Version 5.3
System Configuration
79