EasyManua.ls Logo

Alcatel-Lucent OmniSwitch 6850-48 - Host Integrity Check (End-User Compliance)

Alcatel-Lucent OmniSwitch 6850-48
1162 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring Access Guardian Access Guardian Overview
OmniSwitch AOS Release 6 Network Configuration Guide September 2009 page 34-15
4 If there are no Group Mobility VLAN or UNP mobile rules that match the client traffic, then the device
is learned in the default VLAN for the 802.1X port.
See “Configuring Access Guardian Policies” on page 34-22 for more information about how to use and
configure policies.
Note. It is possible to bypass 802.1x authentication and classify supplicants connected to an 802.1x port as
non-supplicants (see the “Configuring the Number of Polling Retries” section in Chapter 37, “Configur-
ing 802.1X,” for more information). When this is done, all devices (including supplicants) are then classi-
fied as non-supplicants. As a result, non-supplicant policies that use MAC-based authentication are now
applicable to supplicant devices, not just non-supplicant devices.
The following diagram illustrates the conceptual flow of Access Guardian policies, including the separate
Web-based authentication branch provided by Captive Portal:
For more information, see “Configuring Access Guardian Policies” on page 34-22 and “Configuring
Captive Portal Authentication” on page 34-32.
Host Integrity Check (End-User Compliance)
Host Integrity Check (HIC) is a mechanism for verifying the compliance of an end user device when it
connects to the switch. Configurable HIC policies are used to specify, evaluate, and enforce network
access requirements for the host. For example, is the host running a required version of a specific operat-
ing system or anti-virus software up to date.
The Access Guardian implementation of HIC is an integrated solution consisting of switch-based func-
tionality, the InfoExpress compliance agent (desktop or Web-based) for the host device, and interaction
with the InfoExpress CyberGatekeeper server and Policy Manager.
The switch-based functionality is provided through the configuration of a User Network Profile (UNP),
which contains a configurable HIC attribute. HIC is either enabled or disabled for the profile. A UNP is a

Table of Contents

Other manuals for Alcatel-Lucent OmniSwitch 6850-48

Preview: Hardware User's Guide
Hardware User's Guide188 pages
Preview: Management Guide
Management Guide312 pages
Preview: Getting Started Guide
Getting Started Guide34 pages
Preview: Brochure & Specs
Brochure & Specs20 pages

Related product manuals