3Com Network Access Manager Overview | 13 |
3Com EFW Policy 3Com Network Access Manager provides support for 3Com EFW Policy Support Server v2.5, which adds the concept of
(EFW) policies rather than just
Through 3Com Network Access Manager, the network administrator can change an EFW policy at the same time as the port security settings, speeding up the configuration of the network. The EFW policy is not returned in any RADIUS response.
To ensure that 3Com Network Access Manager and the 3Com EFW Policy Server operate together, the following steps must be followed using 3Com Network Access Manager:
■Define each EFW policy in 3Com Network Access Manager, see “Creating A New EFW Policy” in Chapter 3. 3Com Network Access Manager creates the EFW policy as an Active Directory object.
■Associate the EFW policy with rules created in 3Com Network Access Manager. This can be done during the creation of a new rule, or after a rule has been created, see “Creating A New Rule” and “Changing Rule Properties”in Chapter 3.
■Make sure that appropriate users and groups have been associated with each rule associated with the EFW policy, see “Displaying Members Of A Rule” in Chapter 3.
Any changes to EFW policy associations must be made through the 3Com Network Access Manager user interface. 3Com Network Access Manager will not recognize any externally made changes.
After making any change that might affect the EFW policy of a user, the EFW group associations must be recalculated for the user, this is done by clicking the Recalculate EFW membership button on the Tool bar at the top of the Administration Interface window, see Figure 14 in Chapter 3. Examples of changes that might affect the EFW policy of a user are:
■if a user’s properties are changed, the correct rule association has to be
