Security Solutions
Access Control Concepts
Network Access Control Technologies
Agentless. Agentless solutions use applications that are already available on
the endpoint, such as Windows Management Interface (WMI), Simple Network
Management Protocol (SNMP), or Microsoft Remote Procedure Call (RPC), to
provide the agent functions.
Note: The ProCurve NAC 800’s agentless option relies on RPC, which provides a
flexible framework for a variety of communications between remote devices,
including endpoint integrity checks.
Agentless solutions have several benefits:
■ Ease of deployment—Time and resources are saved because agentless
solutions do not require users to install software on their endpoint. And
you do not have to train users to set up their endpoints for testing: in most
cases, the native applications that provide agent functions are already
active.
■ Minimal impact on users and endpoints—In many cases, agentless
testing can proceed from beginning to end without any user interaction.
In addition, the endpoint neither has to store a permanent agent nor
download a transient agent.
You might, however, encounter issues with:
■ Unsupported endpoints—The endpoint must have the proper application
for the agentless solution to function.
■ Requirements on the application—The application enlisted to fulfill
the role of the endpoint integrity agent was not designed specifically for
that purpose. To use the application, the network access controller must
follow its rules. For example, RPC requires the network access controller
to submit administrator credentials to the endpoint. For this reason, this
agentless solution functions best on endpoints that are managed members
of a Windows domain (all have the same credentials).
Combined Solutions. Some network access controllers offer multiple testing
methods to accommodate various needs. The ProCurve NAC 800, in fact,
provides all three.
Endpoint Requirements for Integrity Checking
The endpoint requirements for integrity checking depend almost entirely on
the testing method implemented by the network access controller.
In general, the endpoint requires the following for each method:
■ Permanent-agent based—installation of an agent designed for the network
access controller