Manualshelf

Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806
401402403404405406407408409410
Chapter 16. Network Login | 409
NETGEAR 8800 User Manual
RADIUS server that supports NAP (Microsoft Windows Vista operating system refers to
this as a network policy server (NPS), formerly known as the internet authentication
server (IAS)).
Remediation servers that receive unhealthy supplicants. The remediation servers contain
the appropriate software updates, anti-virus software, and so on to make a supplicant
healthy.
In addition to the required hardware and software, you must configure NAP-specific VSAs on
your RADIUS server. By configuring these VSAs, you ensure supplicant authentication and
authorization to the network and the switch creates dynamic Access Control Lists (ACLs) to
move unhealthy supplicants to the quarantine VLAN for remediation. For more information,
see
Using NAP-Specific VSAs to Authenticate 802.1x Supplicants on page 411.
Figure 26 displays a sample network that uses NAP to protect the network.
Figure 26. Sample Network Using NAP to Provide Enhanced Security
Example Scenarios Using NAP
Using Figure 26, the following two scenarios describe some sample actions taken when an
802.1x-enabled supplicant initiates a connection to the network. The scenarios assume the
following:
Scenario 1 has a healthy 802.1x-enabled supplicant.
Scenario 2 has an unhealthy 802.1x-enabled supplicant.
802.1x network login has been configured and enabled on the switch.
EX_174
Workstation
Remediation
server
Remediation
server
EPICenter
IAS/NPS
Domain controller running
Active Directory
Quarantine
VLAN
Production VLAN
(Corporate network)