Extreme Networks Sentriant AG Manual de usuario descargar pdf (Pagina 2)

5151-01

Extreme Networks

Internet

Sentriant AG200

Agent

Guest/VisitorManaged

Machine

Agent

Agent-less

Agent-les

ActiveX

Act

ive

Testing Options

Endpoint Types

Contractor

Remote/Home

Machine

Test

Sentriant AG200—Page 2

Extreme Networks Data Sheet

Flexible Access Policies

Sentriant AG200 allows administrators to

create rich policies for controlling network

access through a simple point and click

policy editor. Each policy consists of one or

more tests to assess if endpoints meet the

required security level and the actions to be

taken when devices do not comply. Actions

can include logging the test results, sending

an email alert to IT, providing the end-user

a warning along with a limited time window

to resolve the issue, or quarantining the

device immediately. Sentriant AG200 can

support multiple policy sets in order to

meet the varying security requirements of

distinct user communities and network

locations.

Comprehensive Test Suite

When creating policies, administrators can

choose from hundreds of off-the-shelf

endpoint integrity tests that ship with the

product. Test categories currently include:

OS service packs and hotﬁxes•

Browser and OS security settings•

Wireless security settings•

Anti-virus software (installed, •

running and up-to-date)

Anti-spyware software (installed, •

running and up-to-date)

Personal ﬁrewall software (installed •

and running)

Peer-to-peer applications (presence •

of)

Worms, viruses, trojans, spyware •

(presence of)

Required or prohibited software •

(administrator deﬁned)

All tests are constantly updated to maintain

the most current level of protection.

Custom tests can also be created in order to

address unique customer requirements.

Pre-Connect Testing

Sentriant AG200 automatically tests

devices as they connect to the network

against the access policies that have been

deﬁned. With this form of testing the

network is not put at risk as access is not

allowed until the health of each endpoint

has been fully assessed. The purpose-built

testing engine of Sentriant AG200 can

complete a full integrity check in only

seconds, thereby minimizing the impact to

end-users. Non-compliant devices can be

placed in quarantine where they can be

repaired before being allowed onto the

network. Sentriant AG200 will periodically

re-test devices that remain connected to

the network to ensure ongoing policy

compliance.

Wide Range of Endpoint

Support

Sentriant AG200 supports both Microsoft

Windows (2000/2003/XP/Vista) and Mac OS X

endpoint devices, and provides three

options for assessing endpoint integrity:

Agent-less—No client-side •

software required on endpoint

The agent-less option is ideal for

managed PCs operating in a Microsoft

domain environment. It offers

zero-maintenance device administration,

as no client software needs to be

installed or supported on the endpoint.

Agent—Tests endpoint through •

installed client

The Sentriant AG200 agent is available

for Microsoft Windows operating

systems as well as Mac OS X. The

agent is lightweight, easy to install

and automatically kept up-to-date

making it ideal for both managed

endpoint and long-term guests.

ActiveX—Tests endpoint through •

browser

The ActiveX plug-in tests machines

running Microsoft Windows operating

systems and is ideal for foreign

endpoints where agent-less testing or

an installed agent is impractical.

Sentriant AG200 provides the same depth

of testing regardless of which option is

used. All three options can be used in

conjunction to ensure complete coverage

across the complete range of endpoint devices

(see Figure 1). For endpoints that cannot

be tested, such as printers, IP phones or

handheld devices, Sentriant AG200 supports

ﬂexible exclusion rules to control whether

or not to provide access to these devices or

not to provide access to these devices.

Advanced Endpoint Integrity Testing

Sentriant AG200 intercepts device connections and examines the connecting device to see if it meets the organization’s

policies for security. Devices not meeting policy can be denied access or quarantined.

Figure 1: Testing Options

1 2 3 4 5 6 7 8

Comentarios a estos manuales

Sin comentarios

Extreme Networks Sentriant AG Manual de usuario Pagina 2

Comentarios a estos manuales

Relacionado con productos y manuales para Software Extreme Networks Sentriant AG