Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

enforcement of NAC policy

Created: 02 Mar 2012 | 1 comment
wmujawar's picture

Hi,

We are using Symantec Endpoint protection 11.0. We want to enforce NAC so that all the end users are allowed access only if their antivirus and windows updates and patches are updated.

How can i enforce NAC. Do we need to buy separate licenses for NAC. I assume that NAC is free with SEP licenses.

Comments 1 CommentJump to latest comment

SMLatCST's picture

The basic version included with the Protection Suites is "Self Enforcement".  This uses the SEP Firewall to restrict network access unless the client meets passes its Host Intergrity policy (i.e. all defs are up to date).

Beyond Self Enforcement, there are external enforcers which restrict network access by other means (via DHCP, Dynamic VLAN Allocation, or just blocking traffic while sitting inline).  Check out the below thread for description on the other enforcers:

https://www-secure.symantec.com/connect/forums/which-enforcer-better