Security Solutions

ManualsBrandsHP ManualsSoftwareHP ProCurve Access Control Client Software

271

272

273

274

275

276

277

278

279

280

A-3

Appendix A: Glossary

access grace

period

The period of time between an endpoint failing a test and the endpoint being

quarantined. The network administrator sets the access grace period for a

particular test when configuring the test failure actions for that test in a NAC

policy.

access method The way in which an endpoint connects to the network. Options include VPN,

dial-up, wireless, or Ethernet.

access mode An option that controls whether NAC 800s in a particular enforcement cluster

quarantine endpoints or allow them access to the network. Three settings are

possible: normal, allow all, or quarantine all. “Normal” grants access to all

endpoints that pass the NAC tests, “allow all” permits access to all endpoints

regardless of test results, and “quarantine all” isolates all endpoints regardless

of test results.

access point See AP.

accessible services Those services that are made available to quarantined endpoints so that they

can perform remediation. Services include access to Web sites with service

patch downloads or plug-ins. The network administrator can configure which

services are available to quarantined endpoints.

accounting The process of collecting information about how resources are used. The

collected information can then be used for trend analysis, billing, auditing, or

regulatory compliance. The NAC 800 can provide RADIUS accounting services.

ACE Access Control Entry. A single rule that determines which endpoints or users

can access a network resource. A collection of ACEs composes an ACL.

ACL Access Control List. A set of rules (ACEs) that network edge devices such as

routers, switches, and wireless APs use to control access to network

resources and to identify packets that require special handling such as QoS or

NAT. An ACL can be configured to select packets according to values in their

headers, such as IP protocol, source and destination IP address, and source

and destination TCP or UDP ports.

Active Directory Active Directory. An LDAP-based directory service created by Microsoft that

is included with all Microsoft network servers.

ActiveX A Microsoft technology that enables interactive Web content. An endpoint

must accept ActiveX content from the NAC 800 to be tested via the ActiveX

plug-in. For more information, see the Microsoft Developer Center library at

http://msdn2.microsoft.com/en-us/library/aa751968.aspx.