NAC Timers

Unanswered Question
Feb 12th, 2010
User Badges:

the default session timeout timers for NAC is :

Role                          Session timeout

unauthenticated Role           Disabled

Temporary Role                    4

Quarantine Role                    4

what is the ordering of applying these roles and timers once the user try to login to the PC ?

-before authentication

-after authentication & PC meets security requirements

-after authentication & PC doesn't meets security requirements


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Faisal Sehbai Fri, 02/12/2010 - 14:52
User Badges:
  • Gold, 750 points or more


The only timer to worry about is the Temporary Role one. That is used if you're using the agent, and are missing some requirements. This time is allowed for you to remediate (by default 4 minutes) Generally customers increase that so the clients can get remediated.

The quarantine timer only applies if you're using nessus scanning, and the unauthenticated timer only for the unauthenticated role.



hany_ibrahim Sat, 02/13/2010 - 06:08
User Badges:

OK , but what about the ordering of excution as i listed ?

Faisal Sehbai Sat, 02/13/2010 - 19:33
User Badges:
  • Gold, 750 points or more


The order is the same as you listed. When PC is unauthenticated, the unauthenticated timers apply. When it's doing posture and remediation the Temporary role timers apply. If you're doing Nessus scanning, then the Quarantine timers apply.




This Discussion