Security Solutions

Designing Access Controls
Choose Endpoint Integrity Testing Methods
Transparent Testing
The NAC 800 tries to implement a testing method transparently, with little or
no interaction from users. It will automatically try each testing method in the
following order:
1. The NAC 800 tries to test with the NAC EI agent.
2. If no agent is installed on the endpoint, the NAC 800 tries to install the
ActiveX agent.
3. If the ActiveX installation fails and if credentials for the endpoint or
domain exist, the NAC 800 tries to use the agentless method to test the
endpoint.
Thus choosing a testing method does not mean selecting a single method on
the NAC 800. Instead, as you plan endpoint integrity testing, you should select
your preferred testing method and set up the endpoints to support that
method. Then, when the NAC 800 tries that particular method, testing can be
completed successfully. For example, if you wanted to use the NAC EI agent,
you could take steps to ensure that the agent is downloaded and installed on
the endpoint. When the NAC 800 tried to test the endpoint, it would find the
agent and use this method to test the endpoint.
If you want to use ActiveX, you must ensure that users’ Web browsers support
ActiveX, and you must ask users to open their Web browser immediately after
they authenticate to the network.
If you want to use agentless testing, you must enter the administrator
credentials for endpoints as part of the NAC 800 configuration. You can
configure these credentials as part of:
• Cluster setting defaults (which apply to all clusters)
• Settings for a particular cluster (which take precedence over cluster
  default settings)
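The fallback order and the credential precedence described above can be checked against an endpoint inventory before rollout. The following planning sketch is an added example, not NAC 800 code or configuration; the field names, cluster names and inventory are constructed, and it assumes the ActiveX installation succeeds whenever the browser supports ActiveX and the user opens it after authenticating.

```python
# Added planning aid (not NAC 800 code). All names and data below are constructed.
from dataclasses import dataclass

@dataclass
class Endpoint:
    name: str
    cluster: str
    ei_agent_installed: bool  # NAC EI agent already present on the endpoint
    activex_ready: bool       # browser supports ActiveX and user opens it after login

def effective_credentials(cluster, defaults, per_cluster):
    """Settings for a particular cluster take precedence over cluster setting defaults."""
    # Assumption: per_cluster holds only clusters that have their own setting.
    return per_cluster[cluster] if cluster in per_cluster else defaults

def predicted_method(ep, defaults, per_cluster):
    """Walk the transparent order: NAC EI agent, then ActiveX, then agentless."""
    if ep.ei_agent_installed:
        return "agent"
    if ep.activex_ready:  # assumed to mean the ActiveX installation succeeds
        return "activex"
    if effective_credentials(ep.cluster, defaults, per_cluster):
        return "agentless"
    return None  # none of the three methods can complete

def plan_gaps(inventory, preferred, defaults, per_cluster):
    """Map each endpoint that will NOT be tested with the preferred method
    to the method it would fall through to (None if no method completes)."""
    gaps = {}
    for ep in inventory:
        got = predicted_method(ep, defaults, per_cluster)
        if got != preferred:
            gaps[ep.name] = got
    return gaps

# Constructed inventory. Credential entries are labels, not real secrets.
INVENTORY = [
    Endpoint("hq-pc-01", "hq", True, True),
    Endpoint("hq-pc-02", "hq", False, True),
    Endpoint("branch-pc-01", "branch", False, False),
    Endpoint("lab-pc-01", "lab", False, False),
]
DEFAULT_CREDS = None                               # no cluster setting defaults entered
CLUSTER_CREDS = {"branch": "branch-domain-admin"}  # per-cluster setting

if __name__ == "__main__":
    for name, method in plan_gaps(INVENTORY, "agent", DEFAULT_CREDS, CLUSTER_CREDS).items():
        print(f"{name}: falls through to {method or 'no working method'}")
```

Endpoints reported with no working method are the ones to fix first: install the agent, prepare the browser, or enter agentless credentials for their cluster.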
For example, to enter administrator credentials as part of cluster default
settings, complete the following steps:
1. Select Home > System configuration > Cluster setting defaults > Agentless
credentials.