Upload
zernike-college
View
853
Download
1
Tags:
Embed Size (px)
DESCRIPTION
WINDOWS 2008 Network Access Protection
Citation preview
•Layered Infrastructure•Policy based•Open to third parties•Denied network access/Quarantine•Remediation•NAP clients
Private Network
Unhealthy computer
Healthy computer
Accessing the network X
Remediation Server
NPS
HRAClient
No Policy
Authentication Optional
AuthenticationRequired
ClientSystem Health Agent (SHA)
Quarantine Agent (QA)
Enforcement Client (EC)
ServicesRemediation Server
Network Access Device and Server
System Health Server
Network Policy Server (NPS)
Quarantine Server (RADIUS)
System Health Validator (SHV)
Client SHV
NPS
Remediation
Network Access Device or Server
(RADIUS)
(SHV)
According to policy, the client is not up to date. Quarantine client, request it to update.
Should this client be restricted basedon its health?
Requesting access. Here’s my newhealth status.
MS NPSClient
802.1xSwitch
Remediation Servers
May I have access?Here’s my current health status.
Ongoing policy updates to Network
Policy Server
You are given restricted accessuntil fix-up.
Can I have updates?
Here you go.
Restricted Network
Client is granted access to full intranet.
System Health Servers
According to policy, the client is up to date.
Grant access.
•Nap client available for XP sp2•Cisco Network Admission Control (NAC)•Avenda Linux NAP Agent
Features Authentication Methods PEAPv0 (EAP-MSCHAPv2) PEAPv0 (EAP-TLS) Health Check Firewall Status - Check for firewall status, with auto-remediation Service Status - Check for different services. Auto-remediate by starting or stopping services. Firewall Ports - Check status of open or blocked TCP/UDP ports Anti-Virus Status - Check if anti-virus software is up-to-date Supported Platforms;
Redhat Enterprise Linux 4 and aboveCentOS 5 and above Fedora Core 6 and above
Avenda Linux NAP SHV for Microsoft NPS Features Health Check Firewall Status - Check for firewall status and open/blocked ports.
Auto Remediation - Turn on firewall; block or open ports. Service Status - Check status of different services running on the system.
Auto Remediation - Start or stop services. Anti-Virus Status - Check if anti-virus is running.
Auto Remediation - Start anti-virus.