Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

enforcement of NAC policy

Created: 02 Mar 2012 | 1 comment
wmujawar's picture

Hi,

We are using Symantec Endpoint protection 11.0. We want to enforce NAC so that all the end users are allowed access only if their antivirus and windows updates and patches are updated.

How can i enforce NAC. Do we need to buy separate licenses for NAC. I assume that NAC is free with SEP licenses.

Comments 1 CommentJump to latest comment

SMLatCST's picture

The basic version included with the Protection Suites is "Self Enforcement".  This uses the SEP Firewall to restrict network access unless the client meets passes its Host Intergrity policy (i.e. all defs are up to date).

Beyond Self Enforcement, there are external enforcers which restrict network access by other means (via DHCP, Dynamic VLAN Allocation, or just blocking traffic while sitting inline).  Check out the below thread for description on the other enforcers:

https://www-secure.symantec.com/connect/forums/which-enforcer-better