Appendix A: Glossary
MS Management Server. When using a NAC 800 in a
N
NAC Network Access Controller. The generic term for any device that controls network access, particularly based on compliance with network policies (endpoint integrity).
NAC EI agent A
enable testing. The agent runs as a new Windows service.
NAC agent test Also called “agent test method,” a test method that requires a
NAC policy A collection of tests that evaluate the security status of endpoints that attempt to access the network. A policy includes a list of activated tests, their proper- ties, and actions, as well as a list of endpoints to which the policy applies. In addition, the policy defines how to handle endpoints that run OSs that the NAC 800 does not support, retest frequency, and how to handle inactive endpoints. Three default NAC policies are provided: high, medium, and low. You can also define your own policies.
NAC policy group A logical set of NAC policies that applies to one or more enforcement clusters. Each cluster uses only one NAC policy group.
NAS Network Access Server. A server that provides endpoints access and that enforces the decisions of AAA servers, thereby guarding access to the Internet, printers, phone networks, or other protected resources. While a NAS does not contain information about which endpoints and
NAT Network Address Translation. A method of reusing IP addresses wherein endpoints inside the network have IP addresses that are different from those that are presented to the Internet. For more information, see RFC 3022 at http:/ /tools.ietf.org/html/rfc3022.
