Security Solutions

Designing Access Controls
Choose Endpoint Integrity Testing Methods
Figure 3-4. InstallShield Wizard for the NAC EI Agent
Manually—You can instruct users to access the NAC 800 and download
the NAC EI agent manually. The NAC 800 makes the agent available at this
URL:
https://<CS or ES IP address>:89/setup.exe
A user might choose this option because he or she does not want to enable
ActiveX (required for automatic installation).
After the agent is installed, the NAC 800 can test the endpoint as often as
necessary without further end-user interaction.
Requirements for NAC Agent Testing. The agent must be installed on the
endpoint. For the NAC 800 to download the agent to endpoints automatically,
the endpoints must allow ActiveX content from the NAC 800.
Otherwise, either the IT staff or the user must install the NAC agent on the
endpoint before the user attempts to connect to the network.
If a router lies between the NAC 800 and the endpoints, the router must keep
port 1500 open for both TCP and UDP. In most cases, the NAC 800 can
automatically open the correct ports through the endpoints’ firewall.
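
A preflight check for the router requirement above, as an added example that is not part of the original manual: it tries TCP port 1500 on each endpoint and separates a silently dropped connection from a refused one. It assumes it is run from a host on the NAC 800's side of the router and covers TCP only (UDP gives no reliable reply to test); the function names are hypothetical and the state labels are a heuristic.

```python
import errno
import socket
import sys

NAC_AGENT_PORT = 1500  # port the page says routers must keep open (TCP and UDP)


def probe_tcp(host, port=NAC_AGENT_PORT, timeout=3.0):
    """Classify one TCP connection attempt to host:port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # handshake completed: path and listener are fine
    except ConnectionRefusedError:
        return "refused"       # RST came back: path passes the port, nothing accepted it
    except socket.timeout:
        return "filtered"      # silence: typical of a router ACL or firewall dropping packets
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"   # routing problem, not a port problem
        return "error"         # name resolution failure or other local error
    finally:
        sock.close()


def preflight(endpoints, port=NAC_AGENT_PORT, timeout=3.0):
    """Probe every endpoint and return {host: state}."""
    return {host: probe_tcp(host, port, timeout) for host in endpoints}


def needs_attention(results):
    """Hosts whose state is anything other than 'open', sorted for reporting."""
    return sorted(host for host, state in results.items() if state != "open")


if __name__ == "__main__":
    # Usage: python nac_preflight.py <endpoint> [<endpoint> ...]
    results = preflight(sys.argv[1:])
    for host, state in sorted(results.items()):
        print(f"{host}:{NAC_AGENT_PORT}/tcp {state}")
    sys.exit(1 if needs_attention(results) else 0)
```

A "filtered" result points at the router or an intermediate firewall, while "refused" means the port passes the path and the endpoint itself is the place to look.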