Procedures for Out-of-Band and Inline NAC
Enterasys NAC Design Guide 5-5
•Howhealthresultsareprocessed.
Whenanassessmentisperformedonanend‐system,a“healthresult”isgenerated.Foreach
healthresult,theremaybeseveral“healthresultdetails.”Ahealthresultdetailisaresultfor
anindividualtestperformedduringtheassessment.Eachhealthresultdetailisgiven
ascore
rangingfrom1to10,andbasedonthisscore,thehealthresultisassignedarisklevel.
However,itispossibletooverridethescorewithadifferentvaluethatbetteralignsthescore
withtheenterpriseʹscompliancepolicy.Forexample,Wiresharkisapopularnetworktraffic
analysisapplicationthatcanbeusedforbothinformationalandmaliciousintentions.IfIT
operationsdeterminesthatWiresharkisanapplicationthatshouldnotbeinstalledonend‐
systemsconnectingtothenetwork,ascoringoverridecanbeconfiguredtoassociateahigh‐
riskscoreifWiresharkisdetectedon
anend‐system.
•Whichend‐systemsarequarantined.
NACManagerusesrisklevelstodeterminewhetherornotanend‐systemwillbe
quarantined.Basedonthescoresfromthehealthresultdetails,end‐systemareclassifiedinto
oneoffourrisklevels:highrisk,mediumrisk,lowrisk,andnorisk.
Dependingontherisk
leveltowhichtheend‐systemisclassified,theend‐systemmaybequarantined.
Authorization
TheNACconfigurationalsospecifiestheauthorizationlevels,referredtoas“accesspolicies,”that
willbeappliedtotheend‐system,dependingontheauthenticationandassessmentresults.
• AcceptPolicy–thepolicythatisassignedtocompliantend‐sys tems.
•QuarantinePolicy–thepolicythatisassignedtononcompliantend‐systems
thathavefailed
assessment.
• AssessmentPolicy–thepolicythatis(optionally) assignedtoend‐systemswhiletheyare
beingassessed.
• FailsafePolicy–thepolicythatisassignedtoend‐systemswhenanerroroccursintheNAC
process.