cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
866
Views
0
Helpful
2
Replies

NAC 4.7.2 NAA Checks, Rules and Requirements

Robert Slusar
Level 1
Level 1

As I Understand the way these work is sort of like this.

A Check is something that could be looked for on a device with an installed NAA.

A Check really doesn't do anything until it is coupled in a Rule which will return the equivalent of a true or false.

The Rule simply shows whether or not something complies with it but unless there a Role Requirement NAC will do nothing to force remediation or prevent access provided authentication (login) passes.

Say I have what I perceive as a single employee user role based upon mapping but I have 2 very different OS's Window and MAC OSx. If I create a requirement for that role and it is Necessarily Windows-centric would it effectively keep the MAC OSx agents from accessing the network?  Do I need to have a WINemployee role and a MACemployee role? 

Thanks!

Bob

1 Accepted Solution

Accepted Solutions

Faisal Sehbai
Level 7
Level 7

Bob,

The agent is intelligent enough to discern that if a MAC is logging in, and your requirements are all Windows, it won't check for them. So long story short, you don't need a separate role for the MACs.

HTH,

Faisal

View solution in original post

2 Replies 2

Faisal Sehbai
Level 7
Level 7

Bob,

The agent is intelligent enough to discern that if a MAC is logging in, and your requirements are all Windows, it won't check for them. So long story short, you don't need a separate role for the MACs.

HTH,

Faisal

Thank you Faisal!

I may be over thinking things a bit.

Bob

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: