Security Solutions

ManualsBrandsHP ManualsSoftwareHP ProCurve Access Control Client Software

301

302

303

304

305

306

307

308

309

310

A-4

Addendum to the ProCurve Access Control Security Design Guide

ProCurve Access Control Solution 2.1

The ProCurve Access Control Solution 2.1 provides adaptive edge control with

endpoint integrity. It is a flexible solution that is designed to meet the needs

of a variety of organizations, which can select one of the following options for

deploying the solution:

■ Adaptive access control with endpoint integrity—For organizations

that need the highest levels of security, the complete solution provides:

• Adaptive EDGE capabilities—ProCurve intelligent EDGE devices

and ProCurve Identity Driven Manager (IDM) prevent unauthorized

users from accessing the network and allow you to customize

network access for authorized users. ProCurve intelligent EDGE

devices include:

– Switches such as the ProCurve 8212zl Switch, ProCurve Switch

5400zl Series, and ProCurve Switch 5300xl Series

– Wireless infrastructure devices such as the ProCurve Access

Point 530 and ProCurve Wireless Edge Services Module. (For

more information about these and other intelligent EDGE

devices, visit the ProCurve Web site at http://www.pro-

curve.com.)

A plug-in to ProCurve Manager Plus (PCM+), IDM dynamically

applies security and performance settings based on user, device,

location, time, and client system state.

You can configure the intelligent EDGE devices to enforce one of the

three types of access controls outlined in Chapter 1: “Access Control

Concepts” of the ProCurve Access Control Security Solution Design

Guide—802.1X, MAC-authentication (MAC-Auth), or Web-authenti-

cation (Web-Auth). The EDGE devices can forward each user’s login

credentials to a RADIUS server, which verifies the credentials.

The ProCurve Access Control Solution allows you to use the Network

Access Controller (NAC) 800 as a RADIUS server or a third-party

RADIUS server such as:

– Microsoft Internet Authentication Service (IAS) (the RADIUS

server included with Microsoft Windows Server 2003)

– Microsoft NAP Health Policy Server (the RADIUS server included

with Microsoft Windows Server 2008)

– Juniper Steel-Belted Radius

– FreeRADIUS