Appendix A: Glossary
access grace The period of time between an endpoint failing a test and the endpoint being period quarantined. The network administrator sets the access grace period for a
particular test when configuring the test failure actions for that test in a NAC policy.
access method The way in which an endpoint connects to the network. Options include VPN,
access mode An option that controls whether NAC 800s in a particular enforcement cluster quarantine endpoints or allow them access to the network. Three settings are possible: normal, allow all, or quarantine all. “Normal” grants access to all endpoints that pass the NAC tests, “allow all” permits access to all endpoints regardless of test results, and “quarantine all” isolates all endpoints regardless of test results.
access point See AP.
accessible services Those services that are made available to quarantined endpoints so that they can perform remediation. Services include access to Web sites with service patch downloads or
accounting The process of collecting information about how resources are used. The collected information can then be used for trend analysis, billing, auditing, or regulatory compliance. The NAC 800 can provide RADIUS accounting services.
ACE Access Control Entry. A single rule that determines which endpoints or users can access a network resource. A collection of ACEs composes an ACL.
ACL Access Control List. A set of rules (ACEs) that network edge devices such as routers, switches, and wireless APs use to control access to network resources and to identify packets that require special handling such as QoS or NAT. An ACL can be configured to select packets according to values in their headers, such as IP protocol, source and destination IP address, and source and destination TCP or UDP ports.
Active Directory Active Directory. An
ActiveX A Microsoft technology that enables interactive Web content. An endpoint must accept ActiveX content from the NAC 800 to be tested via the ActiveX
