System Configuration
Quarantining, General
NOTE:
3-48
Once the endpoint is allowed access, the IP address is renewed, and
the main DHCP server assigns an address to the main LAN. With a
multiple subnetwork or VLAN network, one quarantine area must be
configured for each subnetwork. See "Remote Device Activity Cap-
ture" on page 12-1 for information on using multiple DHCP servers.
Inline – When using the inline quarantine method, NAC 800 must be
•
placed on the network where all traffic to be quarantined passes
through NAC 800. It must be inline with an endpoint like a VPN.
Click ok.
3.
Selecting the Access Mode
To select the access mode:
Home window>>System configuration>>Quarantining
Select one of the following in the Access mode area:
1.
normal – Either allows or quarantines endpoints depending on the
•
setup of the enforcement sever.
•
allow all – Endpoints are tested; however, they are always given
access to the production network.
If you are setting up a cluster for the first time, and you have not yet added
an ES, select allow all until you have finished configuring NAC 800.