02-12-2010 02:48 PM - edited 02-21-2020 03:52 AM
the default session timeout timers for NAC is :
Role Session timeout
unauthenticated Role Disabled
Temporary Role 4
Quarantine Role 4
what is the ordering of applying these roles and timers once the user try to login to the PC ?
-before authentication
-after authentication & PC meets security requirements
-after authentication & PC doesn't meets security requirements
&
02-12-2010 02:52 PM
Hany,
The only timer to worry about is the Temporary Role one. That is used if you're using the agent, and are missing some requirements. This time is allowed for you to remediate (by default 4 minutes) Generally customers increase that so the clients can get remediated.
The quarantine timer only applies if you're using nessus scanning, and the unauthenticated timer only for the unauthenticated role.
HTH,
Faisal
02-13-2010 06:08 AM
OK , but what about the ordering of excution as i listed ?
02-13-2010 07:33 PM
Hany,
The order is the same as you listed. When PC is unauthenticated, the unauthenticated timers apply. When it's doing posture and remediation the Temporary role timers apply. If you're doing Nessus scanning, then the Quarantine timers apply.
HTH,
Faisal
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: