ビデオヘルプ
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to quarantine and prevent rogue client connected to the network ?

作成: 24 Oct 2012 • 更新: 19 Nov 2012 | コメント数: 9
この問題は解決されました。 ソリューションを参照してください。

Hi,

How can we prevent some one bringing their own computer without any Antivirus installed into the company network ?

So in other word is to prevent BYOD.

コメント コメント数: 最新のコメントを表示

John Santana の写真

so basically to make sure the user get the proper access, we need to be notified if such device is connected within the network and The Security admin team gets notified through email.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

pete_4u2002 の写真

you can use SNAC component where the host integrity rules are checked before allowing network access. If the client is not compliant to the policy it can be redirected to remediation server where the client can take the software, definition, patches etc and then can connect to network once compliant.

John Santana の写真

thanks Pete,

but how about if the client doesn't have any AV installed ?

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Ashish-Sharma の写真

Hi John

Check may be help

  • DHCP Enforcement
  • DHCP enforcement restricts the computers that are out of compliance or the systems without clients. It restricts these systems to a separate address space or provides them with a subset of routes on the network. This restriction reduces the network services for these devices. Similar to gateway enforcement, you can make exceptions for trusted MAC addresses and non-Microsoft operating systems.

    With the Symantec Integrated DHCP Enforcer (Microsoft DHCP Server Enforcer Plug-in) in SNAC 11.0 or 12.1 you can also enable the DHCP Trusted Vendors Configuration feature to allow certain types of machines (for example printers) to bypass the Enforcement.
    Also see:
    Using the DHCP Trusted Vendors Configuration feature with the Symantec Integrated DHCP Enforcer
    http://www.symantec.com/docs/TECH92442

http://www.symantec.com/business/support/index?page=content&id=TECH91230

Thanks In Advance

Ashish Sharma

ソリューション
John Santana の写真

Hi Ashish,

Does this enforcer can works without the SNAC or SEP component installed ?

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Ashish-Sharma の写真

Check this.

DHCP enforcement restricts the computers that are out of compliance or the systems without clients

Thanks In Advance

Ashish Sharma

John Santana の写真

Cool, so enabling the SNAC component with DHCP enforcer policy enabled will prevent the BYOD sprawl.

many thanks for the advice guys....

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

pete_4u2002 の写真

it can checek if SEP is installed or not, but you need to create the HI rule.

You can have only SNAC conponent as well installed with SEP.

There is DHCP enforcer where in before getting the IP the client will check if the user have AV installed or not.

greg12 の写真

You can establish an Unmanaged Detector. It will discover unmanaged PCs (computers that are unmanaged or lacking SEP completely). That should be combined with notifications that alert you if an unmanaged client emerges. However, it's not blocking automatically.

See this KB article:

SEP 12.1 - What does it mean to set a client as an Unmanaged Detector?

http://www.symantec.com/docs/TECH183746