Enterasys Networks 9034385 manual 1 Use Scenario Summaries, Summary and Appliance Requirements

Summary

5.Remediation ‐ When the quarantined end user opens a web browser to any web site, its traffic is dynamically redirected to a Remediation web page that describes the compliance violations and provides remediations steps for the user to execute in order to achieve compliance. After taking the appropriate remediation steps, the end user clicks on a button on the web page to reattempt network access, forcing the re‐assessment of the end‐system. At this point, the Enterasys NAC solution transitions the end‐system through the entire NAC cycle, re‐assessing the security posture of the end‐system to determine if the remediation techniques were successfully followed. If the end‐system is now compliant with network security policy, the NAC Controller authorizes the end‐system with the appropriate access policy. If the end‐system is not compliant, the end‐ system is restricted access to the network by assigning a policy to the end‐system on the NAC Controller, and the process starts again.

Summary

The decision whether to deploy inline or out‐of‐band network access control depends on the infrastructure devices deployed in your network. For some network topologies, inline NAC utilizing the NAC Controller appliance may be required while for other network configurations, out‐of‐band NAC utilizing the NAC Gateway appliance may be used.

The following table summarizes four NAC use scenarios and their NAC appliance requirements. The Enterasys NAC solution is capable of implementing network access control for all four use scenarios as well as environments with mixed use scenarios that may require the concurrent deployment of inline and out‐of‐band NAC.

.

Table 3-1 Use Scenario Summaries

Enterasys NAC Design Guide 3-13