Security Solutions

Appendix A: Glossary
802.1X deployment method The deployment method that corresponds to the 802.1X quarantine method. In this
method, the NAC 800 is connected to a switch via both its Ethernet ports. Port 1
receives authentication requests, and port 2 receives mirrored DHCP traffic.
See also DHCP deployment method and inline deployment method.
802.1X quarantine method One of the NAC 800’s three methods for quarantining endpoints that fail to
comply with the NAC policy. This method draws on the authentication and
authorization component of 802.1X, assigning end-users to a VLAN based not
just on identity but also on endpoint integrity posture. The NAC 800 can enforce
802.1X quarantining by working with an existing RADIUS server or by acting as
a RADIUS server itself. See also inline quarantine method and DHCP quarantine
method.
802.1X device The authenticator in the 802.1X framework, which forwards authentication
requests from endpoints to the NAC 800 that is acting as a RADIUS server. When
enforcing endpoint integrity, the NAC 800 sends a VLAN assignment for an
endpoint to the 802.1X device based on the endpoint’s integrity posture; the
802.1X device enforces the assignment.
802.3af A PoE standard for IEEE 802.3 (wired Ethernet).
A
AAA Authentication, Authorization, and Accounting. Processes that are used to
control network access and enforce security policies. For more information
about AAA, see RFC 2989 at http://www.ietf.org/rfc/rfc2989.txt. See also
authentication, authorization, and accounting.
access control The ability to determine which endpoints can access the network and the level
of access they receive. Access can be controlled based on an endpoint’s
compliance with network standards, for example, or on other configurable
settings.
access control status The label that the NAC 800 gives to an endpoint to define its ability to access
the network. Access control statuses are further defined by the rule that
produced the status.
access control zone A physical area of an organization that is defined by the way that users (public
or private) will access the network (wired or wireless). For example, a foyer
where non-employees access the network wirelessly is a public wireless zone,
whereas the internal offices where employees use wired workstations are a
private wired zone.