Enterasys-networks 9034385 Bedienungsanleitung PDF herunterladen (Seite 68)

Procedures for Out-of-Band and Inline NAC

5-4 Design Procedures

Figure 5-2 NAC Configuration

Authentication

TheAuthenticationsettingsdefinehowRADIUSrequestsarehandledforauthenticatingend‐

systems(thisdoesnotapplytoLayer3NACControllers.)Thisincludesidentifying whetherMAC

authenticationrequestsareproxiedupstreamorlocallyauthorized,andwhetherFilter‐IDand

TunnelRADIUSattributesareaddedtoRADIUSmessagesduringtheauthentication

process.

Assessment

TheAssessmentConfigurationdefinesthefollowingrequirementsforend‐systemassessment:

•Whatassessmentteststorun.

TheAssessmentConfigurationdetermineswhattypesofassessmenttestsareexecutedand

whatparametersareused.Forexample,youcanspecifyaNessusassessmentutilizinga

specificNessusconfigurationfilethatdeterminesend‐systemcompliancewith

theSANSTop

20vulnerabilities.ThesameNessusservercanbeusedtoassessWindowsmachinesfor

Windows‐relatedvulnerabilitiesandalsoassessMACOS‐basedmachinesforMAC‐related

vulnerabilities.Inaddition,youcanspecifyNessusaswellasotherassessmentservicesto

jointlydeterminethesecuritypostureof

aconnectingdevice.

•Whatresourcestousetoruntheassessment.

TheAssessmentConfigurationdetermineswhatassessmentserversareusedtoperformthe

assessment.Youcanbalancetheassessmentloadbetweenallyourassessmentservers,oryou

canselectaspecificassessmentserverpooltouse.Forexample,assumingNessusischosen

for

assessment,end‐systemsconnectingtothenetworkinthecompanyʹsheadquarterscanbe

assessedwiththeNessusserverdeployedintheheadquarters,whileend‐systemsinabranch

officewillbeassessedwithNessusserversdeployedinthebranchoffice,conserving

bandwidthutilizationonthenetwork.

1 2 ... 63 64 65 66 67 68 69 70 71 72 73 ... 97 98

Keine Kommentare

Enterasys-networks 9034385 Bedienungsanleitung Seite 68