Network Access Control

Hello,

Symantec Network Access Control ensures that a company's client computers are compliant with the company's security policies before the computers are allowed to access the network. Symantec Network Access Control uses a Host Integrity Policy and an optional Symantec Enforcer to discover and evaluate which computers are compliant.

Components of Symantec Network Access Control

• Symantec Endpoint Protection Manager (with SQL Database )
• Symantec Endpoint Protection client orSymantec Network Access Control client
• NAC Enforcer (optional)

NACEnforcement Options

The available enforcement options in Symantec Network Access Control are:

• Self Enforcement
• Symantec Enforcer Appliances
• Symantec NAC Integrated Enforcer for Microsoft DHCP Servers
• Symantec NAC Integrated Enforcer for Microsoft Network Access Protection
• Universal enforcement API
• Enforcement by using Cisco NAC

Self-Enforcement

Enforcement is done by the (SNAC) Client itself. No Enforcer hardware is required. Self enforcement by the SEP client firewall has no effect on the systems without SEP clients in the network.

With Self Enforcement, the client can quarantine its system if it falls out of compliance. Quarantine policies have to be defined on SEPM. The client can quarantine itself by switching to a quarantine firewall policy, a Firewall that restricts access to specific IP addresses or segments.

This allows for rapid deployment of basic endpoint security. No network-level systems or configuration is needed.

Please check the link for more information—

                     http://www.symantec.com/docs/TECH102534

Read more in the Attached PDF File.