
Alcatel-Lucent Operating System for OmniSwitch LAN Switches with Integrated CyberGatekeeper Solution | Data Sheet
Access Guardian AOS feature, and allowed access only to the remediation servers. The HIC agent (permanently installed or provided on-demand) on the endpoint, in conjunction with the InfoExpress CyberGatekeeper policy server, attempts to update the endpoint. Once compliant with security policies, the endpoint is allowed network access. As long as the endpoint is connected to the network infrastructure, the HIC agent provides continuous surveillance. If the agent detects a violation of the security policies or is disabled or terminated, the policy server will notify the switch, which in turn quarantines the endpoint and allows access only to the remediation servers.
The OmniSwitch 6400 SGS/OmniSwitch 6850 SLS/InfoExpress CyberGatekeeper solution is easy to deploy and maintain, requiring no network changes. Installation can be done in hours, compared with the weeks or months that most network access control solutions can take.
User network profile
When a device initially connects to the enterprise network edge, the OmniSwitch 6400 SGS or the OmniSwitch 6850 SLS authenticates the user/device as defined by its Access Guardian policy. The OmniSwitch 6400 or OmniSwitch 6850 subsequently identifies the corresponding user network profile (UNP), which is a security profile.

UNPs allow the creation of easily defined profiles that are mapped to security policies. A profile may contain network, application, priority, bandwidth and compliance rules based on a user's role in the organization. The UNP is provided during authentication and its rules are enforced immediately by the network switch. During this time, the switch allows the endpoint limited access to the network. Authentication using 802.1X, MAC or web-based methods is not required, but can be added to provide more granular control of the profiles.
Operation
When a user/device connects to an enterprise network with HIC, the endpoint device is required to undergo a verification process. The switch dynamically restricts network access using ACLs, which only allow the endpoint access to the InfoExpress CyberGatekeeper Policy Server and the remediation server(s).
If the endpoint device has a permanent InfoExpress CyberGatekeeper Agent installed, the agent communicates with the InfoExpress CyberGatekeeper Policy Server to assess the endpoint's integrity. The tests to be performed on the endpoint device by both the permanent agent and the web-based on-demand agent are defined on the InfoExpress CyberGatekeeper Policy Server using the InfoExpress CyberGatekeeper Policy Manager. The policy server determines whether the endpoint device has passed or failed the HIC test and directly notifies the edge OmniSwitch 6400 SGS or OmniSwitch 6850 SLS to which the device is connected. Traffic restrictions and redirections are processed by the Alcatel-Lucent Access Guardian AOS feature, which integrates authentication, device compliance and network access control functions directly into the network infrastructure at the switch level.
If the OmniSwitch 6400 SGS or the OmniSwitch 6850 SLS receives a HIC pass status for the specified endpoint device, the switch dynamically applies a new set of ACLs that allow the endpoint device access to the production network.

If the OmniSwitch 6400 SGS or the OmniSwitch 6850 SLS receives a HIC fail status for the specified endpoint device, the switch dynamically applies a restrictive set of ACLs that allow the endpoint to access the remediation servers only.
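The enforcement loop described above (restricted ACLs on connect, production ACLs on a HIC pass, remediation-only ACLs on a HIC fail, and a return to quarantine when the agent later reports a violation or is disabled or terminated) can be modelled as a small per-endpoint state machine. The following Python model is an added illustration and is not Alcatel-Lucent or InfoExpress code: the server addresses, the MAC address, the event names ("violation", "disabled", "terminated"), the first-match ACL semantics and the rule format are all constructed assumptions for the example.

```python
"""Model of the switch-side HIC enforcement loop from the data sheet.

Added illustration, not Alcatel-Lucent/InfoExpress code.  Addresses, event
names and the ACL format are constructed assumptions for this example.
"""
import ipaddress
from dataclasses import dataclass, field
from enum import Enum

# Constructed infrastructure addresses (assumptions, not from the data sheet).
POLICY_SERVER = ipaddress.ip_network("10.0.0.10/32")
REMEDIATION_SERVERS = [ipaddress.ip_network("10.0.1.0/28")]
ANY = ipaddress.ip_network("0.0.0.0/0")


class HicState(Enum):
    RESTRICTED = "restricted"   # just connected: policy + remediation servers only
    PRODUCTION = "production"   # HIC pass received from the policy server
    QUARANTINE = "quarantine"   # HIC fail, policy violation, or agent stopped


@dataclass
class AclRule:
    action: str                  # "permit" or "deny"
    dst: ipaddress.IPv4Network

    def matches(self, dst_ip: ipaddress.IPv4Address) -> bool:
        return dst_ip in self.dst


def acl_for(state: HicState) -> list[AclRule]:
    """Ordered ACL the switch applies for an endpoint in `state` (first match wins).

    The trailing deny keeps the restricted and quarantine ACLs default-closed."""
    remediation = [AclRule("permit", net) for net in REMEDIATION_SERVERS]
    if state is HicState.PRODUCTION:
        return [AclRule("permit", ANY)]                 # full production access
    if state is HicState.RESTRICTED:
        return [AclRule("permit", POLICY_SERVER), *remediation, AclRule("deny", ANY)]
    return [*remediation, AclRule("deny", ANY)]        # quarantine: remediation only


@dataclass
class Endpoint:
    mac: str
    state: HicState = HicState.RESTRICTED
    acl: list[AclRule] = field(default_factory=lambda: acl_for(HicState.RESTRICTED))


class EdgeSwitch:
    """Tracks per-endpoint HIC state and evaluates traffic against its ACL."""

    def __init__(self) -> None:
        self.endpoints: dict[str, Endpoint] = {}

    def connect(self, mac: str) -> Endpoint:
        """A device attaches: it starts with the restricted verification ACL."""
        ep = Endpoint(mac)
        self.endpoints[mac] = ep
        return ep

    def _apply(self, mac: str, state: HicState) -> None:
        ep = self.endpoints[mac]
        ep.state = state
        ep.acl = acl_for(state)       # the switch swaps the ACL set dynamically

    def hic_result(self, mac: str, passed: bool) -> HicState:
        """Policy server notification after the integrity test."""
        self._apply(mac, HicState.PRODUCTION if passed else HicState.QUARANTINE)
        return self.endpoints[mac].state

    def agent_event(self, mac: str, event: str) -> HicState:
        """Continuous surveillance: a violation, or a disabled/terminated agent,
        reported by the policy server sends the endpoint back to quarantine."""
        if event in {"violation", "disabled", "terminated"}:   # constructed names
            self._apply(mac, HicState.QUARANTINE)
        return self.endpoints[mac].state

    def allows(self, mac: str, dst: str) -> bool:
        """First-match ACL evaluation for a frame from `mac` to `dst`."""
        dst_ip = ipaddress.ip_address(dst)
        for rule in self.endpoints[mac].acl:
            if rule.matches(dst_ip):
                return rule.action == "permit"
        return False                  # implicit deny


def demo() -> list[tuple[str, bool]]:
    """Walk one endpoint through connect -> HIC pass -> agent killed -> quarantine."""
    sw = EdgeSwitch()
    mac = "00:11:22:33:44:55"         # constructed endpoint MAC
    sw.connect(mac)
    trace = [("restricted->policy", sw.allows(mac, "10.0.0.10")),
             ("restricted->intranet", sw.allows(mac, "10.20.0.5"))]
    sw.hic_result(mac, passed=True)
    trace.append(("production->intranet", sw.allows(mac, "10.20.0.5")))
    sw.agent_event(mac, "terminated")
    trace.append(("quarantine->intranet", sw.allows(mac, "10.20.0.5")))
    trace.append(("quarantine->remediation", sw.allows(mac, "10.0.1.3")))
    return trace


if __name__ == "__main__":
    for step, ok in demo():
        print(f"{step:26s} {'permit' if ok else 'deny'}")
```

The point of the model is the ordering of the rules and the default deny: the endpoint never gains production access by omission, only by an explicit pass notification from the policy server, and any later agent-side event drops it straight back to the remediation-only set the data sheet describes.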
If the endpoint device does not have a permanent agent installed on it, the user is required to launch a browser that is redirected to a customer-defined
Figure 1. OmniSwitch AOS - Embedded network security framework. The figure arranges the framework's elements (Identity, Integrity, Visibility, Privilege, Isolation, Threats control) around the following features:
User network profiles
• Role-based access including VLAN, QoS, ACL
Traffic anomaly detection
• Zero day attack
AQM
• Quarantine and remediation
Host integrity check
• Integrated HIC (CyberGateKeeper) static or on-demand agents
Authentication
• Employee: 802.1x
• Guest: captive portal
• IP phone: 802.1x or MAC-based
• Printer: port-based
Access guardian
• Monitoring/audit trail