HP Access Control Client Software AEA, IDM, AES, ADSL, adware, method, endpoint, endpoint, endpoint, NAC EI agent, NAC EI agent, symmetric key, agent testing, agent See NAC EI agent

Appendix A: Glossary

ActiveX test An endpoint integrity-testing method that relies on the ActiveX control opera- method tion of signed and safe controls. The NAC 800 uses ActiveX to download a

temporary agent to the endpoint. All versions of the Windows operating system are supported, and no ports on an endpoint’s personal Windows firewall need to be opened. As long as the firewall allows Internet Explorer access and the Internet Explorer settings allow ActiveX, the endpoint can be tested. However, non-Internet Explorer browsers are not supported, and the endpoints cannot be retested after end-users close their browsers.

ADSL Asymmetric Digital Subscriber Line. A technology that permits the user to connect to an Internet service provider over the existing telephone infrastruc- ture. Data is transmitted on unused frequencies that are not used in a voice telephone call.

adware Software that displays unwanted pop-up ads on an infected endpoint. Although this type of malware may seem innocuous, the number and repetition of the ads can disrupt productivity and drain network bandwidth. Some adware programs are extremely difficult to uninstall or remove. Adware is usually installed using a Trojan.

AEA Adaptive EDGE Architecture™. A networking model developed by ProCurve that pushes decision-making and intelligence to the “edge” of the network, closer to the user, while providing control from the center. The NAC 800 and IDM provide control from the center. For more information, see the white paper at http://www.hp.com/rnd/pdfs/EDGEarchitecture_white_paper.pdf.

AES Advanced Encryption Standard. A block cipher that was adopted as an encryption standard. It is often used in symmetric key cryptology. For more information, see FIPS PUB 197 at http://www.csrc.nist.gov/publications/fips/ fips197/fips-197.pdf.

agent See NAC EI agent.

agent testing An endpoint integrity-testing method that employs the NAC EI agent, which is method installed once onto the endpoint and periodically updated. This method is

supported by Windows OS versions 98 and later and by Mac OSX 10.3.7 and later. The agent can be used through a firewall. See also NAC EI agent.

agentless test A testing method that does not require that an agent be installed on the method endpoint. Using the Windows RPC service, agentless testing allows the NAC

800 to begin testing, provide test results, and grant access to compliant endpoints without any interaction from the user. Of the three testing methods, agentless testing is the easiest to deploy, requiring less administrative effort and no memory on the endpoint. However, you cannot use this test method with legacy Windows operating systems (Windows 95, ME, and earlier) or non- Windows endpoints. Agentless testing requires that file and print sharing be

A-4