Dhcp hub subnet, Groups and profiles – Nortel Networks 5500 series User Manual

Page 30

Advertising
background image

30

Overview

Filters only enforcement uses two VLANs: Red and VoIP. A client
computer is placed in the Red VLAN where it is held pending successful
authentication. If successful, Nortel Health Agent integrity checking can be
used to determine if remediation is required. Filters are applied to direct
the client to the appropriate network resources but the client remains in
the same VLAN regardless of its status. This contrasts with VLANs and
filters where the client is moved to another VLAN in addition to applying
filters. Filters only handles IP phones in the same manner as VLANs
and filters.

With Filters only, there is less network configuration than with VLANs and
filters because there are only two VLANs (Red and VoIP) to configure.
However, the double layer of protection afforded with VLANs and filters
is not provided.

To configure the Nortel SNAS for Filters only enforcement, see

“Configuring groups” (page 156)

, enftype. Though configuring for Filters

only can result in higher DNS demands on the Nortel SNAS, using the
filter DHCP subnet type maintains these demands at the same level as
with VLANs and filters: for more information, see

“Configuring local

DHCP services” (page 115)

.

DHCP hub subnet

DHCP hub subnet enforcement allows the Nortel SNAS to operate with
a broader range of Nortel ethernet switches as well as third party network
access devices. Unlike VLANs and filters and Filters only enforcement,
DHCP hub subnet enforcement does not require SSCP support on the
network access device.

The DHCP hub subnet configuration is an integral component of the
DHCP services provided by the Nortel SNAS. For more information, see

“Configuring local DHCP services” (page 115)

.

Groups and profiles

Users are organized in groups. In the user gorup we can specify Locaion
also. Group membership determines:

user access rights
Within the group, extended profiles further refine access rights
depending on the outcome of the Nortel Health Agent checks.

number of sessions allowed

the Nortel Health Agent SRS rule to be applied

what on the portal page after the user has been authenticated

Nortel Secure Network Access Switch

Using the Command Line Interface

NN47230-100

03.01

Standard

28 July 2008

Copyright © 2007, 2008 Nortel Networks

.

Advertising
This manual is related to the following products:

450 series, 325 series, 425 series

Popular Brands
Popular manuals