Security Solutions

Designing Access Controls
Table 3-105. Test for Windows Startup Registry Entries
Lay Out the Network
You are now ready to lay out the network and implement your policies. This
section guides you through deploying the components of your network access
control solution. While it discusses issues such as placing RADIUS servers and
grouping resources in VLANs, it does not focus on the physical aspect of
network design. In addition, issues such as providing redundancy and
minimizing congestion—while important—are beyond the scope of this design
guide.
Core Resources
Many networks have a core segment, which typically provides a home for
central network resources and routing switches.
Note: The network core does not need to bear the sole responsibility for
controlling traffic routed between VLANs. ProCurve Networking recommends an
Adaptive EDGE Architecture (AEA), in which centralized policies are enforced
at the edge. In other words, instead of configuring static ACLs on routing
switches, you configure policies on RADIUS servers (preferably using IDM),
and edge switches dynamically apply the correct ACLs to a user’s port.
You’ve already learned how to design those policies in “User Groups and
Policies” on page 3-106. Now you just need to establish the VLANs included
in your design as you lay out the network.
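The note above replaces static ACLs on routing switches with per-user policy that the RADIUS server returns to the edge switch. The following Python example is added here for illustration; it is not from the ProCurve guide and is not IDM output. It assumes the standard RFC 3580 VLAN attributes and the RFC 4849 NAS-Filter-Rule attribute, and the group names, VLAN IDs and addresses are constructed.

```python
import ipaddress

# Constructed policy table: groups, VLAN IDs and destinations are hypothetical.
POLICIES = {
    "employees": {"vlan": 10, "permit": [("tcp", "10.1.20.0/24", 443),
                                         ("udp", "10.1.1.5/32", 53)]},
    "guests": {"vlan": 30, "permit": [("udp", "10.1.1.5/32", 53)]},
}


def filter_rule(proto, dest, port):
    """Render one inbound permit rule in IPFilterRule form."""
    if proto not in ("tcp", "udp"):
        raise ValueError(f"unsupported protocol: {proto}")
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    # ip_network rejects malformed prefixes and prefixes with host bits set,
    # so a typo cannot silently widen the permitted destination.
    net = ipaddress.ip_network(dest)
    return f"permit in {proto} from any to {net} {port}"


def access_accept(group):
    """Return the reply attributes for a group, or None to signal a reject."""
    policy = POLICIES.get(group)
    if policy is None:
        return None  # unknown group: no VLAN, no ACL, no access
    if not 1 <= policy["vlan"] <= 4094:
        raise ValueError(f"invalid VLAN ID: {policy['vlan']}")
    rules = [filter_rule(*entry) for entry in policy["permit"]]
    # Explicit default deny goes last so the policy does not rely on
    # whatever implicit behavior the edge switch applies.
    rules.append("deny in ip from any to any")
    attrs = [
        ("Tunnel-Type", "VLAN"),
        ("Tunnel-Medium-Type", "IEEE-802"),
        ("Tunnel-Private-Group-ID", str(policy["vlan"])),
    ]
    return attrs + [("NAS-Filter-Rule", rule) for rule in rules]


if __name__ == "__main__":
    for name, value in access_accept("employees"):
        print(f"{name} = {value}")
```
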
Applications and Services Allowed to Run at Startup
Keys for Allowed Applications and Services