Support User Manuals

Enterasys Networks 9034385 Plumbing Product User Manual

Open as PDF

of 98

Survey the Network

Enterasys NAC Design Guide 4-3

ThenetworkshowninFigure 4‐1below,illustratesthefollowingthreeexamplesofhowthe

intelligentedgecanbeimplementedinanetwork.

• Policy‐enabledEnterasysdevicesatthephysicaledgeofthenetwork.

TheSecureStackB2/B3,SecureStackC2/C3,andMatrixN‐seriesswitchesaretheintelligent

edgeofthenetwork

aswellasthephysicaledgeofthenetwork.Thesepolicy‐enableddevices

provideauthenticationandauthorizationviapolicyenforcementtotheconnectingend‐

systems.

•Third‐partyswitchesthatsupportRFC3580withdynamicVLANassignmentatthe

physicaledgeofthenetwork.

RFC3580‐compliantswitches(Enterasysandthird‐party),

arealsopartoftheintelligentedge

ofthenetwork,becausetheyareabletoauthenticateandauthorizeconnectingend‐systems

withaparticularlevelofnetworkaccess,usingdynamicVLANassignment.

•Policy‐enabledEnterasysdevicesatthedistributionlayerofthenetwork,upstreamfrom

non‐intelligentthird‐partydevices.

Theintelligent

edgeofthenetworkmayormaynotbethephysicaledgeofthenetworkwhere

end‐systemsactuallyconnect.TheMatrixN‐seriesswitchinthedistributionlayerofthe

network,upstreamfromthenon‐intelligentthird‐partydevice,isalsoconsideredpartofthe

intelligentedgeofthe

network.ThisisbecausetheMatrixN‐seriesswitchcanindividually

authenticateanduniquelyallocatenetworkresourcesfortheend‐systemsconnected

downstreamtothenon‐intelligentthird‐partyaccesslayerdevice.

Figure 4-1 Network with Intelligent Edge

previous next