Sentriant AG—Page 2
Extreme Networks Data Sheet
Flexible Access Policies
Using Sentriant AG, administrators
create access policies that define which
applications and services are permitted
and specify the actions to be taken when
devices do not comply. Sentriant AG
tracks all testing and connection activity
and produces a range of reports for
auditors, managers and IT staff.
Agentless Solution
Sentriant AG is very simple to deploy
because it does not require an agent to
be installed on endpoint devices.
However, for organizations that prefer an
agent-based approach, Sentriant AG
provides that alternative too. There are
three options for testing endpoint
devices:
Agent-less—No client-side agent
required on endpoint
ActiveX plugin—Tests endpoint
through web browser
•
•
Sentriant AG agent—Tests
endpoint through installed client
The agent-less option is ideal for testing
Windows
®
2000 and Windows XP Pro
machines. It offers zero-maintenance device
administration as no client needs to be
installed or supported on the endpoint.
The ActiveX plug-in tests all Microsoft–
supported Windows operating systems and
foreign endpoints where an installed agent
is impractical.
Sentriant AG agent also tests all Microsoft–
supported Windows operating systems and
can be used for internal legacy devices such
as those running Windows 98 or NT.
Administrators can prioritize the order that
testing options are applied as devices initially
connect to the network. For example, on an
internal network, the Sentriant AG agent
might be selected as the preferred testing
•
method, while on remote access or VPN
connections, the agent-less option might be
the desirable method.
Protects Remote and Local
Connections
Sentriant AG also protects the LAN from
threats by remote users or from internal
users. Any machine that poses a risk can be
quarantined, whether that machine is
connecting from an external location via a
VPN, or connecting locally (see Figure 1).
VPN connections secure information, but
they do not protect your network from
infected devices or malicious traffic.
Sentriant AG identifies remote devices that
pose a threat and quarantines the device.
Sentriant AG also protects from threats by
internal users (see Figure 2). Compliant
devices are allowed LAN access while
noncompliant devices are quarantined.
© 2006 Extreme Networks, Inc. All rights reser ved.
Noncompliant Endpoint Remediation
Sentriant AG intercepts device connections and examines the connecting device to see if it meets the organization’s
policies for security such as security settings, patches and antivirus safeguards. Devices not meeting policy can be denied
access or quarantined.
Quarantine
Deny access completely
or give limited access
VPN and
RAS
Firewall
Internet
Up-to-date
Corporate-owned
Computer
Unpatched
Home
Computer
New Connections
Tested by Sentriant AG
New Connections
Tested by Sentriant AG
Cable
Modem
!
Pass
Fail
LAN
Sentriant AG
Edge Switch Core Switch
DHCP
Server
Firewall
New Connections
Tested by Sentriant AG
New Connections
Tested by Sentriant AG
Quarantine
!
Internet
Fail Pass
Sentriant AG
C
O
N
S
O
L
E
C
O
N
S
O
L
E
S
T
A
C
K
N
O
11
22
33
44
55
66
77
88
99
1
1
1
1
1
2
1
2
1
3
1
3
1
4
1
4
1
5
1
5
1
6
1
6
1
7
1
7
1
9
1
9
2
0
2
0
2
1
2
1
2
2
2
2
2
3
2
3
2
4
2
4
C
O
N
S
O
L
E
C
O
N
S
O
L
E
S
T
A
C
K
N
O
11
22
33
44
55
66
77
88
99
1
1
1
1
1
2
1
2
1
3
1
3
1
4
1
4
1
5
1
5
1
6
1
6
1
7
1
7
1
9
1
9
2
0
2
0
2
1
2
1
2
2
2
2
2
3
2
3
2
4
2
4
Figure 1: Protection from Remote Users
Figure 2: Protection for internal LAN Connections
(8 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales