Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

SNAC Agentless Configuration

Updated: 21 May 2010 | 4 comments
Sunny123's picture
Sunny123
0 0 Votes
Login to vote
This issue has been solved. See solution.

I have to ask anybody to know about Symantec Network Access Control

(Gateway mode) .  !! Please >o< Help me ~~

Usually When computer connect to network that have SNAC(Gateway)  ,

We must  download agentless and Install , After that That computer will

check Policy , But If I restart computer Agent must be deleted

How I configure  Agentless to don't be deleted when  I restart  or Keep Agentless for a week .

Please Suggest me , How I configure ,(In SEPM or Enforcer or Somewhere)

Thank you very much .

discussion Filed Under:
,

Comments

Vikram Kumar-SAV to SEP's picture
06
Aug
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

Agentless= Disposable=dissolvable agents

 when a guest endpoint tries to

connect to the network, a network-based enforcement solution can recognize that it’s not a known
endpoint device and redirect it to a Web server where it can download the dissolvable, on-demand
agent. The agent will perform the appropriate compliance checks, based on the policies that the
administrator has defined for guests. If it’s compliant, the endpoint can be granted access to the
production network. When the network session ends, the agent will automatically remove itself
from the endpoint.

So when the computer again tries to connect to the network it will again download the application.
If these computers are not temp/gues it better to install a permanent agent

For more info please read pg :10
http://www.civicaplc.com/NR/rdonlyres/9FCAF6CA-88E8-4559-923A-51253C0D3496/1965/SNAC_whitepaper.pdf

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

SOLUTION
Block All Web Sites's picture
11
Aug
2009
0 Votes 0
Login to vote
Block All Web Sites

Allow Guest user to browse internet & print document on network

Dear All,

I wanted to implemet SNAC but i have a question.

Suppose you came to my office and you wanted to connect to my network to browse internet & you want to print some document on my network printer.

Is it posibe In SNAC. So that user can only browse & pint on my network.

I dont want that he/she can browse my whole network.

How to Block that remote user to block my network but he can browse internet & print document on my printer.

Thanks In Advacne

Shri !!

figo's picture
19
Sep
2009
0 Votes 0
Login to vote
figo
Symantec Employee

reply to Shri

 it is really depends on how you manage the risk.

SNAC is very flexible to help you on this.

if "network printer" are always can be accessed by anyone,  suggest you place a Gateway enforcer there, and add printers as trust internal ip.

the better ideas is: enable symantec NAC on-demand client downloading in your network.
even a guest come in, he/she will download a symantec on-demand client and need to pass authentication before access the corporate network.
when he/she leave the office, the on-demand client been completed uninstalled in seconds.


andrea.valpiani's picture
02
Nov
2009
0 Votes 0
Login to vote
andrea.valpiani

enable symantec NAC on-demand client downloading in my network

Hello,
how can I enable symantec NAC on-demand client downloading in my network ?
Thanks a lot.

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
259,042