Post-Connect; Allowing The Post-Connect Service Through The Firewall; First Time Selection - Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008 User Manual

2 In the Quarantine method area, select the Inline radio button.
3 Click ok.

3.14 Post-connect

Post-connect in Novell ZENworks Network Access Control provides an interface where you can
configure external systems, such as IDS/IPS, that request quarantining of an endpoint based on
activity that occurs after the endpoint has connected to the network (post-connect).
The following sections contain more information:
Section 3.14.1, "Allowing the Post-connect Service Through the Firewall," on page 109
Section 3.14.2, "First Time Selection," on page 109
Section 3.14.3, "Setting Novell ZENworks Network Access Control Properties," on page 110
Section 3.14.4, "Configuring a Post-connect System," on page 111
Section 3.14.5, "Launching Post-connect Systems," on page 112
Section 3.14.6, "Post-connect in the Endpoint Activity Window," on page 112
Section 3.14.7, "Adding Post-connect System Logos and Icons," on page 113

3.14.1 Allowing the Post-connect Service Through the Firewall

The firewall must be opened for each post-connect service that communicates with Novell
ZENworks Network Access Control.
To open the firewall for your post-connect service:
Command line window
1 Log in to the Novell ZENworks Network Access Control MS as root using SSH or directly
with a keyboard.
2 Enter the following command at the command prompt:
iptables -I INPUT -s<host> -m tcp -p tcp --dport 61616 -j ACCEPT
Where <host> is the external server IP address.

3.14.2 First Time Selection

The first time you select the Post-connect menu option, you are prompted to configure your
external system:
System Configuration 109