Scenario 1: Intelligent Wired Access Edge
within the same Quarantine VLAN because the authorization point is usually implemented at the exit point of the VLAN via Access Control Lists (ACLs).
Policy-Enabled Edge
The following figure illustrates how the NAC Gateway and the other Enterasys NAC components work together in a network with policy‐enabled edge switches to provide a comprehensive NAC solution.
Figure 3-1 Intelligent Wired Access Edge with Enterasys Policy-Enabled Devices
Enterasys
NAC Manager
Remediation
Web Page
Enterasys | 5 |
|
Matrix/SecureStack | NAC Gateway | |
Switch |
| |
|
| |
5 | 1 |
|
3 | 4 |
|
|
|
Policy Role=Quarantine
3 2
3
NAC Functions |
|
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
| ||
1 | Detect |
|
|
|
|
|
|
|
|
2 | Authenticate |
|
|
|
|
|
|
|
|
3 | Assess |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| ||
4 | Authorize | Assessment | Authentication | ||||||
5 | Remediate |
| Server |
| Server | ||||
(optionally integrated |
|
|
|
| |||||
|
|
|
|
|
|
in NAC Gateway)