CHAPTER 4: USING 3COM NETWORK ACCESS MANAGER WITHIN A NETWORK
Case Study 3 - Blocking A Specific PC From The Network

This case study describes the tasks that need to be performed in order to block a specific PC from the network, using authentication. It is an example of a Blacklist mode in which all devices are allowed network access unless the device is on the blacklist. This is useful in very large networks where you just want to block access to specific PCs.

Network Administrator Tasks

The following provides an overview of the tasks for a network administrator responsible for the domain on the network.
1 Ensure edge port security is set to
  Edge ports are called ‘access ports’ on the Switch 5500.

Using 3Com Network Access Manager:

2 Select the Default Rule and set the Network Access to Allow, see “Changing Rule Properties” in Chapter 3.
3 Create a Blacklist rule which can be used to deny network access to specific computers.
  a Set security permissions for the Blacklist rule. Grant READ and WRITE access to the users/groups permitted to apply the rule, and grant READ access to all Network Administrators in the domain so that they can see that the rule exists even if they are not permitted to apply it.
  b Set the Actions for the rule:
    - select the rule priority; a Blacklist rule should be assigned a high priority to ensure it takes precedence over other rules
    - set Network Access for the Blacklist rule to Deny to block network access,
4 Ensure the network operators or those individuals responsible for applying the Blacklist rule have the Network Operator component of 3Com Network Access Manager installed on their PC.
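The following Python sketch is an added example, not part of the 3Com guide or the product's own logic. It models why step 3b asks for a high priority: a Deny rule only blocks a computer if it outranks every other rule that applies to it. It assumes a larger number means higher priority; the "Staff" rule and the computer names are constructed for illustration.

```python
from dataclasses import dataclass

ALLOW, DENY = "Allow", "Deny"

@dataclass(frozen=True)
class Rule:
    name: str
    network_access: str  # ALLOW or DENY
    priority: int        # assumption: the larger number takes precedence

# Step 2: the Default Rule allows access and applies to every device.
DEFAULT_RULE = Rule("Default Rule", ALLOW, 0)
# Hypothetical pre-existing rule that also applies to some computers.
STAFF = Rule("Staff", ALLOW, 50)
# Step 3: the same Blacklist rule at two candidate priorities.
BLACKLIST_HIGH = Rule("Blacklist", DENY, 100)
BLACKLIST_LOW = Rule("Blacklist", DENY, 10)

def sample_assignments(blacklist):
    """Constructed sample: one blacklisted PC and one ordinary PC."""
    return {"PC-LAB-07": [STAFF, blacklist], "PC-OFFICE-12": [STAFF]}

def effective_rule(computer, assignments):
    """Return the rule that decides access: highest priority wins,
    and the Default Rule is the fallback for unlisted computers."""
    candidates = list(assignments.get(computer, [])) + [DEFAULT_RULE]
    return max(candidates, key=lambda rule: rule.priority)

def shadowed_blacklist(assignments, blacklist):
    """Audit check: computers that carry the Blacklist rule but would
    still get access because another rule outranks it."""
    return sorted(
        pc for pc, rules in assignments.items()
        if blacklist in rules
        and effective_rule(pc, assignments).network_access != DENY
    )

if __name__ == "__main__":
    for blacklist in (BLACKLIST_HIGH, BLACKLIST_LOW):
        assignments = sample_assignments(blacklist)
        print(f"Blacklist priority {blacklist.priority}:")
        for pc in ("PC-LAB-07", "PC-OFFICE-12", "PC-UNLISTED"):
            rule = effective_rule(pc, assignments)
            print(f"  {pc}: {rule.network_access} (via {rule.name})")
        print("  not actually blocked:", shadowed_blacklist(assignments, blacklist))
```
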