4.3. Enforcement Time
After you define the policy, you decide how and where to enforce your policies. Enforcement gives your network access control policies teeth, so to speak, allowing them to have meaning and purpose on the network.
|
4.3.1. Endpoint
Endpoint enforcement, the most basic form of enforcement, involves the endpoint client enforcing policy that the policy engine pushes. The enforcement can be network-access-based or software-based. For network-access-based enforcement on the endpoint, the endpoint client restricts or changes access for a network user based on a policy that the policy engine sends. Endpoint enforcement can use a couple of different methods, but the most common method uses a software firewall-based approach. The other method of enforcement is software based, which is limited only by your imagination. For example, the software based approach can block certain applications from running or start a virtual desktop.
|
Get Network Access Control For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.