User guide
OAC in an Enhanced Security Network with Unified Access Control 5
Chapter 1: Odyssey Access Client Overview
Figure 3: OAC Authentication in a Network with 802.1X (Layer 2)
Endpoint Security Enforcement
Networks that include an Infranet Controller perform security enforcement
checking to ensure that all endpoints (computing devices) comply with the
network’s security policy. The purpose of security checking is to enhance the
security of the network and to reduce problems that can result from network
security threats, such as viruses, spyware, and other software security problems.
For endpoints that comply with network security policies, users can have full access
to protected networks based on the policies configured in the Infranet Controller for
a user’s realm and role.
For endpoints that do not comply with network security policies, users can expect
one of the following results:
The endpoint might be denied network access until it meets compliance
requirements. In some case, network access might be prevented only
momentarily during automatic remediation— for example, while the endpoint’s
anti-virus software settings are modified to conform to the network’s security
policy.
The endpoint might be granted access to protected networks while being
brought into compliance in the background.
The endpoint might be granted limited access to a special quarantine network
or VLAN while being brought into compliance. Compliance involves performing
the actions specified by remediation instructions, such as performing Windows
update patches, after which the endpoint might be granted access to protected
resources.
Quarantine and Remediation
The Infranet Controller checks your computer (endpoint) regularly for compliance
with all prescribed security requirements, such as anti-virus software that is running
on your computer.