Network Access Control

 View Only

  • 1.  SNAC End of Life

    Posted Jun 05, 2014 06:44 AM

    Hi all,

    We have gateway enforcer which license has expired.

    We renewed the SPS licences so the SNAC on desktop was also renewed.

    Can We continue to modify policies even if the license enforcer has expired ?

    It seems that the support will end on 2017, will we continue to benefit support even if the license enforcer has expired ?

     

    Best Regards



  • 2.  RE: SNAC End of Life

    Posted Jun 05, 2014 08:05 AM

    Read thru these articles:

    https://www-secure.symantec.com/connect/blogs/announcing-end-life-symantec-network-access-control-121

    http://www.symantec.com/docs/HOWTO95154



  • 3.  RE: SNAC End of Life

    Posted Jun 06, 2014 04:29 AM

    Ok but the thing i want to know is If the enforcer license expired and the Snac enpoint with host integrity is pu to date , can I always use enforcer to restrict access to network for unmanaged endpoint.

    for managed endpoint can I always host integrity without enforcer?

     



  • 4.  RE: SNAC End of Life
    Best Answer

    Posted Jun 06, 2014 06:20 AM

    AFAIK, the GW Enforcer will still operate as normal even after the maintenance subscription has expired.  That said, you may want to contact Symantec about renewing it (if possible) so that you can still get access to support in case anything goes wrong between now and the End of Support Life.

    HI works fine without an enforcer, and can be used in conjunction with normal SEP policies (usually the FW policy) to perform self-enforcement if required.

    Self-enforcement only applies to managed SEP Client however, so you may still need an alternative form of NAC to protect your network from unmanaged devices (guest machines, etc).