Network Access Control

 View Only

  • 1.  SNAC Agentless Configuration

    Posted Aug 05, 2009 11:22 PM
    I have to ask anybody to know about Symantec Network Access Control

    (Gateway mode) .  !! Please >o< Help me ~~

    Usually When computer connect to network that have SNAC(Gateway)  ,

    We must  download agentless and Install , After that That computer will

    check Policy , But If I restart computer Agent must be deleted

    How I configure  Agentless to don't be deleted when  I restart  or Keep Agentless for a week .

    Please Suggest me , How I configure ,(In SEPM or Enforcer or Somewhere)

    Thank you very much .


  • 2.  RE: SNAC Agentless Configuration
    Best Answer

    Posted Aug 06, 2009 12:48 PM
     when a guest endpoint tries to
    connect to the network, a network-based enforcement solution can recognize that it’s not a known
    endpoint device and redirect it to a Web server where it can download the dissolvable, on-demand
    agent. The agent will perform the appropriate compliance checks, based on the policies that the
    administrator has defined for guests. If it’s compliant, the endpoint can be granted access to the
    production network. When the network session ends, the agent will automatically remove itself
    from the endpoint.

    So when the computer again tries to connect to the network it will again download the application.
    If these computers are not temp/gues it better to install a permanent agent

    For more info please read pg :10
    http://www.civicaplc.com/NR/rdonlyres/9FCAF6CA-88E8-4559-923A-51253C0D3496/1965/SNAC_whitepaper.pdf


  • 3.  RE: SNAC Agentless Configuration

    Posted Aug 11, 2009 02:56 PM
    Dear All,

    I wanted to implemet SNAC but i have a question.

    Suppose you came to my office and you wanted to connect to my network to browse internet & you want to print some document on my network printer.

    Is it posibe In SNAC. So that user can only browse & pint on my network.

    I dont want that he/she can browse my whole network.

    How to Block that remote user to block my network but he can browse internet & print document on my printer.

    Thanks In Advacne

    Shri !!


  • 4.  RE: SNAC Agentless Configuration

    Posted Sep 19, 2009 04:17 AM
     it is really depends on how you manage the risk.

    SNAC is very flexible to help you on this.

    if "network printer" are always can be accessed by anyone,  suggest you place a Gateway enforcer there, and add printers as trust internal ip.

    the better ideas is: enable symantec NAC on-demand client downloading in your network.
    even a guest come in, he/she will download a symantec on-demand client and need to pass authentication before access the corporate network.
    when he/she leave the office, the on-demand client been completed uninstalled in seconds.







  • 5.  RE: SNAC Agentless Configuration

    Posted Nov 02, 2009 09:33 AM
    Hello,
    how can I enable symantec NAC on-demand client downloading in my network ?
    Thanks a lot.