Symantec Security Expressions Server Server User Manual


 
SecurityExpressions Server User Guide
50
Enabling slow link detection might extend processing time.
Trace Route Information
Trace route is a TCP/IP utility that allows the user to determine the route that packets are taking
to a particular host. Your notifications can include a trace route if you select this optional setting,
Make trace route information available to notifications. Determining trace route
information may be slow.
Network Admissions Control
The Network Admissions Control section of the Network page enables Cisco Network Admissions
Control (NAC) to work with the server software. NAC allows network access only to trusted end-
point devices that can verify their compliance to network security policies. It can permit, deny or
restrict network access to any device as well as quarantine and remediate non-compliant devices.
The server software communicates with NAC through Cisco Secure Access Control Server (ACS).
ACS uses the server software as its External Posture Validation Audit Server. External Posture
Validation Audit Server sends
posture
tokens
to ACS that indicate the audit status of systems.
Using that information, NAC can determine whether or not these systems are in compliance.
The server software frequently checks target systems to keep the posture tokens updated. The
possible posture tokens are:
Healthy - The system had a posture result of Pass when checked.
Quarantined - The system had a posture result of Fail when checked.
Transition - The system was in the middle of an audit when checked.
Unknown - The server software does not recognize the system, cannot connect to the
system or lost connectivity during the last audit.
To configure the server software to work with NAC, select settings in the following categories.
Unmanaged Systems
An unmanaged system is a system on the network that the server software does not recognize or
cannot connect to.
Initial Token
Sends the posture token you select to ACS if the server cannot connect to a system.
Token After Self Audit
Sends the posture token you select to ACS if a quarantined system fails a self-service audit.
Cache Validity Duration
Select how long a posture token of Healthy should remain valid. This is a way to control how
often the server software verifies that an unmanaged system is still in compliance with
network security policies after it receives a Healthy posture token. If you select Forever, the
system's Healthy token will never expire.
Managed Systems