5
End-user Access
End-users can connect to your network from a number of different types of computers (see
Supported" on page
168), be tested for compliance based on your definitions in the standard (high,
medium, or low security) or custom NAC policies (see
denied access based on test results and your quarantine settings (see
82). During the login process the end-users are presented with the end-user access windows, which
display the testing status and required remediation steps.
This section describes the end-user access windows and options, and details any settings that need to be
made on the endpoints.
Test Methods Used
Sentriant AG tests endpoints using one of the following methods:
Agent-based
●
Agentless
●
ActiveX
●
See
"Testing Methods" on page 128
Agent Callback
The Agent Callback to Sentriant AG feature allows the Sentriant AG agent to inform the ES that an
endpoint is now active on the network and available to be tested. This feature allows faster detection of
endpoints in a network utilizing static IP addresses.
Upon notification of a new network connection, the agent queries DNS for all available ESs and
attempts to execute an HTTP request against each ES until a successful request has occurred. This
request causes the ES to schedule the endpoint for testing.
The following terms are used in association with this feature:
Agent—The software residing on the endpoint that performs the tests.
●
Enforcement Server (ES)—The server that communicates with the agent to initiate tests, and
●
quarantines or allows network access based on the test results.
Endpoint—The computer being tested by Sentriant AG.
●
SRV record—A DNS record that contains information regarding a specific service on a network. For
●
example, HTTP or mail.
A record— A DNS record that contains information regarding a specific host name.
●
To enable this feature, add either SRV records or A records to your DNS system.
The agent performs a DNS query against the server for the following SRV names:
Sentriant AG Software Users Guide, Version 5.2
"NAC Policies" on page
for a description of each of these methods.
"Endpoints
215), and are allowed or
"Quarantining, General" on page
167