Network Access Control

 View Only
  • 1.  Symantec Network Access Control

    Posted Nov 08, 2011 01:28 PM

    I need help to configure a SNAC 6100 appliance with a remediação servant and a remediação DHCP. 
     
    Please I need urgently. 
     
    Att, 
     
    André Fonseca



  • 2.  RE: Symantec Network Access Control

    Posted Nov 09, 2011 05:12 PM

    André,

    The 6100 Series Enforcer can serve DHCP clients on two different DHCP servers, one which serves the Production IP addresses and the other serves the Remediation IP addresses.  The Enforcer makes it decision on which DHCP server to request the address from depending on the Host Integrity result that the client reports.

    Attach the Ethernet cables as outlined in the Implementation Guide, starting on page 283.

    Then, you will need to get the Enforcer registered with the SEPM.  You do this by using the following command:

    config spm ip [IPAddressOfSEPM] http [PortOfSEPMWebserver] group [EnforcerGroup] key [SharedSecretKey]

    The group is up to you to name.  After the Enforcer registers with the SEPM, the group will automatically be created in the SEPM.

    The shared secret/key is either 1) The very first password using when setting up the SEPM or 2) The key that you set when you installed the SEPM using Advanced Setup.

    Once you enter that command, enter "show status" to confirm that the Enforcer is connected to the SEPM.  It can take a minute or two to connect.

    After the DHCP Enforcer is connected, you manage the rest of the product from the SEPM.