Introduction
Overview
1-12
Rapid testing and robust endpoint management – Thousands of
■
endpoints can be tested and managed simultaneously.
■
Continual testing – Endpoints are retested on an administrator-
defined interval as long as they remain connected to the network.
Compliance Enforcement
Based on endpoint test results, NAC 800 takes the appropriate action. End-
points that test compliant with the applied policy are permitted access. Non-
compliant endpoints are either quarantined, or are given access for a tempo-
rary period. Implement the necessary fixes during this period.
Key features include:
■
Flexible enforcement options – Grant or quarantine access criteria is
designated by the administrator and driven by the criticality of
selected tests and corporate security standards.
■
Manual overrides – Administrators can retest, quarantine, or grant
access to endpoints on demand.
User notifications – Users of non-compliant endpoints receive imme-
■
diate notification about the location of the endpoint deficiencies, as
well as step-by-step information about implementing the corrections
to achieve compliance.
Administrator notifications – Administrators receive a variety of noti-
■
fications and alerts based on testing and access activity.
Graduated enforcement – Allows controlled system rollout.
■
Automated and Manual Repair
■
Self-remediation – End-users are notified of where their endpoints are
deficient and provided with remediation instructions.
Access "grace period" – Non-compliant endpoints are granted access
■
for a temporary, administrator-defined period to facilitate remedia-
tion.
■
Patch Management – NAC 800 can integrate with patch manage-
ment software, automating the process to get an endpoint updated
and on the network.
Targeted Reporting
NAC 800 reports provide concise security status information on endpoint
compliance and access activity. Specific reports are available for auditors,
managers, and IT staff members.