How to quarantine and prevent rogue client connected to the network ?
Created: 24 Oct 2012 | Updated: 19 Nov 2012
Hi,
How can we prevent some one bringing their own computer without any Antivirus installed into the company network ?
So in other word is to prevent BYOD.
Quick Look Solution
Hi John Check may be
Hi John
Check may be help
- DHCP Enforcement
- DHCP enforcement restricts the computers that are out of compliance or the systems without clients. It restricts these systems to a separate address space or provides them with a subset of routes on the network. This restriction reduces the network services for these devices. Similar to gateway enforcement, you can make exceptions for trusted MAC addresses and non-Microsoft operating systems.
With the Symantec Integrated DHCP Enforcer (Microsoft DHCP Server Enforcer Plug-in) in SNAC 11.0 or 12.1 you can also enable the DHCP Trusted Vendors Configuration feature to allow certain types of machines (for example printers) to bypass the Enforcement.
Also see:
Using the DHCP Trusted Vendors Configuration feature with the Symantec Integrated DHCP Enforcer
http://www.symantec.com/docs/TECH92442
http://www.symantec.com/business/support/index?page=content&id=TECH91230
Comments
so basically to make sure the
so basically to make sure the user get the proper access, we need to be notified if such device is connected within the network and The Security admin team gets notified through email.
Kind regards,
John Santana
Graduate IT Professional
--------------------------------------------------
Please be nice to me as I'm newbie in this forum.
you can use SNAC component
you can use SNAC component where the host integrity rules are checked before allowing network access. If the client is not compliant to the policy it can be redirected to remediation server where the client can take the software, definition, patches etc and then can connect to network once compliant.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
thanks Pete, but how about if
thanks Pete,
but how about if the client doesn't have any AV installed ?
Kind regards,
John Santana
Graduate IT Professional
--------------------------------------------------
Please be nice to me as I'm newbie in this forum.
Hi John Check may be
Hi John
Check may be help
With the Symantec Integrated DHCP Enforcer (Microsoft DHCP Server Enforcer Plug-in) in SNAC 11.0 or 12.1 you can also enable the DHCP Trusted Vendors Configuration feature to allow certain types of machines (for example printers) to bypass the Enforcement.
Also see:
Using the DHCP Trusted Vendors Configuration feature with the Symantec Integrated DHCP Enforcer
http://www.symantec.com/docs/TECH92442
http://www.symantec.com/business/support/index?page=content&id=TECH91230
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi Ashish, Does this enforcer
Hi Ashish,
Does this enforcer can works without the SNAC or SEP component installed ?
Kind regards,
John Santana
Graduate IT Professional
--------------------------------------------------
Please be nice to me as I'm newbie in this forum.
Check this. DHCP enforcement
Check this.
DHCP enforcement restricts the computers that are out of compliance or the systems without clients
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Cool, so enabling the SNAC
Cool, so enabling the SNAC component with DHCP enforcer policy enabled will prevent the BYOD sprawl.
many thanks for the advice guys....
Kind regards,
John Santana
Graduate IT Professional
--------------------------------------------------
Please be nice to me as I'm newbie in this forum.
it can checek if SEP is
it can checek if SEP is installed or not, but you need to create the HI rule.
You can have only SNAC conponent as well installed with SEP.
There is DHCP enforcer where in before getting the IP the client will check if the user have AV installed or not.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
You can establish an
You can establish an Unmanaged Detector. It will discover unmanaged PCs (computers that are unmanaged or lacking SEP completely). That should be combined with notifications that alert you if an unmanaged client emerges. However, it's not blocking automatically.
See this KB article:
SEP 12.1 - What does it mean to set a client as an Unmanaged Detector?
http://www.symantec.com/docs/TECH183746
Would you like to reply?
Login or Register to post your comment.