Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrade.
Please accept our apologies in advance for any inconvenience this might cause.

SNAC Implementation doubts

Created: 15 May 2012 • Updated: 06 Jun 2012 | 4 comments
Chetan Savade's picture
This issue has been solved. See solution.

Hello Everyone,

Is is possible to block the clients connecting to the network if the client definitions were out of data for 3 days ?

If it's possible I need guidence to implement the same.

Discussion Filed Under:

Comments 4 CommentsJump to latest comment

SMLatCST's picture

Part 1, is in the creation of a HI policy to check for the AV requirement as below:

The second part is the actual control side of things, and is dependant upon the results of Part1.  This control part is where you would typically use self-enforcement to block access to network resources, or use one of the enforcers (DHCP/LAN/Gateway) to control network access.

cemilebaşak's picture


SMLatCST mentioned you must create a HI policy for detect the AV virus definition was older than 3 day.

Then if you use sefl enforcement you must use a quarantine firewall policy to block network access.

If you use lan enforcer or DHCP enforcer

You must define the rule if the host interity failed close port or assing a vlan for Lan enforcer and For DHCP enforcer while HI failed its stay on the qurantine ip range. You can still block with Qurantine firewall policy as well.



Cemile Denerel BAŞAK

Note: Please mark as solution if its help you.

Chetan Savade's picture

Thanks to both of you.

Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Srikanth_Subra's picture

Iam looking for this requirement only..thanks

Thanks & Regards,


"Defeat the Defeat before the Defeat Defeats you"
(Swami Vivekananda)