Addendum to the ProCurve Access Control Security Design Guide

ProCurve Access Control Solution 2.1

Endpoint integrity checking—The ProCurve NAC 800 checks each endpoint that requests access to the network and ensures that it meets your company’s security policies. Noncompliant endpoints are placed in a quarantine subnetwork, whereas compliant endpoints receive the settings you have configured for that device or for the authorized user accessing the network through that device.

If you prefer, the ProCurve Access Control Solution allows you to use Microsoft NAP for endpoint integrity checking. IDM integrates with NAP. When IDM receives an endpoint’s NAP statement of health, it uses this information to provision the network accordingly. (For more information about the NAP and the NAP statement of health, see page A-11.)

Adaptive access control—Organizations that are not ready to imple- ment an endpoint integrity solution can focus first on access control. Such organizations need ProCurve intelligent EDGE devices and IDM. Again, organizations can use ProCurve NAC 800 or a third-party RADIUS server. With this framework in place, organizations have the option of adding endpoint integrity later.

Access Control with Endpoint Integrity—Organizations may want to implement tight access controls and endpoint integrity, but they may not require customized access for users. For example, these organizations may rely on their directory service to control access to servers and applications. These organizations have several options when implement- ing this type of solution. For example:

The ProCurve NAC 800 provides both RADIUS services and endpoint integrity.

The ProCurve NAC 800 provides endpoint integrity and a third-party RADIUS server verifies users’ login credentials.

Enhancements to the ProCurve Access Control Solution 2.1

Each of the components in the ProCurve Access Control Solution has been updated in some way to provide additional security features or simplified configuration or management. The following sections outline these enhance- ments.

A-5

Page 308 Page 310
Page 309
Image 309
HP Access Control Client Software manual Enhancements to the ProCurve Access Control Solution
Page 308 Page 310
Top Page Image Contents