Chapter 1 Overview

Nortel SNAS 4050 functions

The Nortel SNAS 4050 performs the following functions:

Acts as a web server portal that users in clientless mode access for authentication and the host integrity check, and that sends remediation instructions and guidelines to endpoint clients that fail the host integrity check.

Communicates with backend authentication servers to identify authorized users and levels of access.

Acts as a policy server, which communicates with the TunnelGuard applet that verifies host integrity.

Instructs the network access device to move clients to the appropriate VLAN and, if applicable, to apply additional filters.

Can be a DNS proxy in the Red VLAN when the Nortel SNAS 4050 functions as a captive portal.

Performs session management.

Monitors the health of clients and switches.

Performs logging and auditing functions.

Provides High Availability (HA) through the IPmig protocol.

Nortel SNA VLANs and filters

There are four types of Layer 2 or Layer 3 VLANs in a Nortel SNA network:

Red — extremely restricted access. If the default filters are used, the user can communicate only with the Nortel SNAS 4050 and the Windows domain controller network. There is one Red VLAN for each network access device.

Yellow — restricted access for remediation purposes if the client PC fails the host integrity check. Depending on the filters and TunnelGuard rules configured for the network, the client may be directed to a remediation server participating in the Yellow VLAN. There can be up to five Yellow VLANs for each network access device. Each user group is associated with only one Yellow VLAN.

Green — full access, in accordance with the user’s access privileges. There can be up to five Green VLANs for each network access device.

320818-A
