Enterasys Network Access Control Manuals
Manuals and User Guides for Enterasys Network Access Control. We have 1 Enterasys Network Access Control manual available for free PDF download: Design Manual
Enterasys Network Access Control Design Manual (98 pages)
NAC solution
Brand: Enterasys | Category: Software | Size: 2.39 MB
Table of Contents
Table of Contents (p. 5)
About this Guide (p. 9)
Intended Audience (p. 9)
Related Documents (p. 9)
Getting Help (p. 10)
Chapter 1: Overview (p. 11)
NAC Solution Overview (p. 11)
Key Functionality (p. 11)
Deployment Models (p. 12)
NAC Solution Components (p. 14)
The NAC Appliance (p. 14)
Component Requirements for NAC Deployment Models (p. 14)
NAC Gateway Appliance (p. 15)
NAC Controller Appliance (p. 15)
Appliance Comparison (p. 17)
Comparison of Appliance Functionality (p. 17)
Comparison of Appliance Advantages and Disadvantages (p. 18)
NetSight Management (p. 19)
NetSight NAC Manager (p. 19)
NetSight Console (p. 20)
NetSight Policy Manager (p. 20)
NetSight Inventory Manager (p. 20)
RADIUS Server (p. 20)
Assessment Server (p. 20)
Summary (p. 20)
Chapter 2: NAC Deployment Models (p. 23)
Model 1: End-System Detection and Tracking (p. 23)
Implementation (p. 23)
Out-of-Band NAC (p. 23)
Inline NAC (Layer 2) (p. 24)
Inline NAC (Layer 3) (p. 24)
Features and Value (p. 24)
Required and Optional Components (p. 25)
Model 2: End-System Authorization (p. 25)
Component Requirements for Detection and Tracking (p. 25)
Implementation (p. 26)
Out-of-Band NAC (p. 26)
Inline NAC (p. 26)
Features and Value (p. 27)
Required and Optional Components (p. 29)
Component Requirements for Authorization (p. 29)
Model 3: End-System Authorization with Assessment (p. 30)
Implementation (p. 30)
Out-of-Band NAC (p. 30)
Inline NAC (p. 31)
Features and Value (p. 32)
Required and Optional Components (p. 34)
Model 4: End-System Authorization with Assessment and Remediation (p. 34)
Component Requirements for Authorization with Assessment (p. 34)
Implementation (p. 35)
Out-of-Band NAC (p. 35)
Inline NAC (p. 36)
Features and Value (p. 36)
Required and Optional Components (p. 37)
Component Requirements for Authorization with Assessment and Remediation (p. 37)
Summary (p. 38)
Enterasys NAC Deployment Models (p. 38)
Chapter 3: Use Scenarios (p. 39)
Scenario 1: Intelligent Wired Access Edge (p. 39)
Policy-Enabled Edge (p. 40)
Intelligent Wired Access Edge with Enterasys Policy-Enabled Devices (p. 40)
RFC 3580 Capable Edge (p. 41)
Intelligent Wired Access Edge with RFC 3580 Capable Devices (p. 41)
Scenario 1 Implementation (p. 42)
Scenario 2: Intelligent Wireless Access Edge (p. 43)
Thin Wireless Edge (p. 43)
Intelligent Wireless Access Edge - Thin APs with Wireless Switch (p. 44)
Thick Wireless Edge (p. 45)
Intelligent Wireless Access Edge - Intelligent AP (p. 45)
Scenario 2 Implementation (p. 46)
Scenario 3: Non-Intelligent Access Edge (Wired and Wireless) (p. 47)
Non-Intelligent Access Edge (Wired and Wireless) (p. 48)
Scenario 3 Implementation (p. 49)
Scenario 4: VPN Remote Access (p. 49)
Scenario 4 Implementation (p. 50)
VPN Remote Access (p. 50)
Summary (p. 51)
Use Scenario Summaries (p. 51)
Chapter 4: Design Planning (p. 53)
Identify the NAC Deployment Model (p. 53)
Survey the Network (p. 54)
Identify the Intelligent Edge of the Network (p. 54)
Network with Intelligent Edge (p. 55)
Evaluate Policy/VLAN and Authentication Configuration (p. 56)
Case #1: No Authentication Method Is Deployed on the Network (p. 56)
Network with Non-Intelligent Edge (p. 56)
Case #2: Authentication Methods Are Deployed on the Network (p. 57)
Identify the Strategic Point for End-System Authorization (p. 60)
Identify Network Connection Methods (p. 61)
Wired LAN (p. 61)
Wireless LAN (p. 61)
Remote Access WAN (p. 62)
Site-to-Site VPN (p. 62)
Remote Access VPN (p. 63)
Identify Inline or Out-of-Band NAC Deployment (p. 63)
Summary (p. 63)
Chapter 5: Design Procedures (p. 65)
Procedures for Out-of-Band and Inline NAC (p. 65)
Identify Required NetSight Applications (p. 65)
Define Network Security Domains (p. 66)
NAC Configurations (p. 67)
Security Domain (p. 67)
NAC Configuration (p. 68)
NAC Configuration for a Security Domain (p. 70)
Security Domain Configuration Guidelines (p. 71)
Security Domain Configuration Guidelines for Assessment (p. 74)
Identify Required MAC and User Overrides (p. 76)
MAC Overrides (p. 76)
MAC and User Override Configuration (p. 77)
MAC Override Configuration Guidelines (p. 78)
User Overrides (p. 80)
Assessment Design Procedures (p. 81)
Determine the Number of Assessment Servers (p. 81)
Determine Assessment Server Location (p. 82)
Identify Assessment Server Configuration (p. 82)
Out-of-Band NAC Design Procedures (p. 83)
Identify Network Authentication Configuration (p. 83)
Determine the Number of NAC Gateways (p. 84)
End-System Limits for NAC Gateways (p. 84)
NAC Gateway Redundancy (p. 85)
Determine NAC Gateway Location (p. 86)
Identify Backend RADIUS Server Interaction (p. 87)
Determine End-System Mobility Restrictions (p. 87)
VLAN Configuration (p. 88)
Policy Role Configuration (p. 88)
Define NAC Access Policies (p. 88)
Failsafe Policy and Accept Policy Configuration (p. 89)
Assessment Policy and Quarantine Policy Configuration (p. 89)
Policy Role Configuration in NetSight Policy Manager (p. 90)
Service for the Assessing Role (p. 91)
Unregistered Policy (p. 92)
Inline NAC Design Procedures (p. 92)
Determine NAC Controller Location (p. 92)
Service for the Quarantine Role (p. 92)
Determine the Number of NAC Controllers (p. 94)
End-System Limits for NAC Controllers (p. 94)
Layer 2 NAC Controller Redundancy (p. 95)
Layer 3 NAC Controller Redundancy (p. 95)
Identify Backend RADIUS Server Interaction (p. 96)
Define Policy Configuration (p. 96)
Failsafe Policy and Accept Policy Configuration (p. 96)
Assessment Policy and Quarantine Policy Configuration (p. 96)
Unregistered Policy (p. 97)
Additional Considerations (p. 97)
NAC Deployment with an Intrusion Detection System (IDS) (p. 97)
NAC Deployment with NetSight ASM (p. 97)