8.2. The Technical Components of Fiberlink Mobile NAC
As was discussed in Chapter 2 and replicated in the previous chapters, all NAC/NAP solutions consist of the same basic elements. Not all NAC/NAP solutions will contain all of the elements, and some vendors will be better at some elements than others. This section analyzes the following NAC components as they related directly to Fiberlink Mobile NAC:
A technology to analyze the security posture of the device
A policy-related component to configure and set the policy on what specific security criteria will be analyzed on the device
A technology to communicate the security state of the device to other facets of the NAC/NAP solution
A mechanism that receives the security posture of the device and performs an action based upon those results
A policy-related component to configure and set the policy regarding what action will take place
A remediation technology whose purpose is to bring the device back into compliance
8.2.1. Analyzing the Security Posture of a Device
The analysis of the device is done by the Extend360 (e360) Agent. Mobile NAC differs from LAN-based NAC in that the analysis takes place any time the machine is powered on, regardless of its location. As such, the solution is completely client-based. The e360 Agent consists of the following components:
Service Component
Graphical user interface (GUI)
The Service Component is literally a service that is running in Windows. It runs under the context of Local System, so that ...
Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
