Manualshelf

Security Solutions

ManualsBrandsHP ManualsSoftwareHP ProCurve Access Control Client Software
281282283284285286287288289290
A-18
Appendix A: Glossary
Q
quarantine The isolation of endpoints or systems to prevent potential infection of other
endpoints or systems. The NAC 800 determines whether to quarantine an
endpoint by applying the following policies in this order: access mode, tempo-
rarily quarantine/grant access setting, exceptions, NAC policies (the results of
tests in the policy).
quarantine all An access mode that mandates that all endpoints be quarantined regardless of
test results.
quarantine
method
The way in which non-compliant endpoints are quarantined. The NAC 800
supports three methods: 802.11X quarantine method, inline quarantine method,
and DHCP quarantine method. The quarantine method must be the same as the
deployment method.
quarantine subnet A tightly controlled subnet that is isolated from the rest of the network.
Quarantined endpoints are assigned to this subnet where the endpoints cannot
access network resources except those that are defined by the network
administrator.
QoS Quality of Service. A service provided by some network protocols such that
the network prioritizes traffic or guarantees a particular level of performance
to a type of data flow.
R
radio port See RP.
RADIUS Remote Authentication Dial-In User Service. An AAA protocol that allows a
server to store all of the security information for a network in a single, central
database. The server stores and manages end-user information so that it can
authenticate the end-users. The server also maps end-users to the services that
they are allowed to access. For more information, see RFC 2865 at http://
www.ietf.org/rfc/rfc2865.txt.
RADIUS server A common type of AAA server. The RADIUS server authenticates end-users,
using protocols such as PAP, CHAP, and EAP. If the end-user passes authentica-
tion, the server authorizes access to the network based on policies such as
valid access times. The server can also authorize the end-user for a specific
level of access by sending dynamic settings for the NAS to enforce. As an
accounting server, the RADIUS server can also be notified when a session
starts and stops.