Friday, February 1, 2013

Chapter 6 - Client access

How can the client access?

Agent.
Agent basically means you install a piece of software on the endpoint and it will
connect. The disadvantage is the agent installation process.
802.1x supplicant.
Can test the endpoint for compliance with your policy, like IPsec.
Compliance with Host Checker.



OK.
Location aware means it can determine whether it is on the company LAN or at your home.
Multiservice, so it can also do acceleration.
802.1x supplicant.
Windows only currently.



OAC
Odyssey Access Client
Does not support Secure Access Service.
It also does not provide Application Acceleration.

So only 802.1x and host enforcer
This is the only client that can deliver the host enforcer.



Java we said was for every device that has Java
It sends an Ajax heartbeat, which is used to determine that you have disconnected and to clean up the session.

Host Checker Agentless.
This is a dynamic download of a host checker.
It only runs host checker
It establishes a heartbeat to the MAG.

Agentless
The browser must stay running to keep the connection.
Does not require administrator rights.

Third party using TNC (Trusted Network Connect).

Access Control supports phones and other devices using
the MAC address authentication feature.



configuring this nonsense was in the User >>  ROLES >




Mark the check box. If you select more than one, the user can choose when logging in.
You can also add specific scripts that will run on the device at session START and session END.


Screenshot of connection set
new connection set
Users > Junos Pulse > new connection set
There are options here.
Saving logon keeps the data so you can reconnect within the session limits.
Dynamic certificate trust means the users can skip bad certificates.
Wireless suppression will suppress the user's wireless.

In the Junos Pulse connection
you can set the type of connection:
IC or SA
802.1x
Firewall
WX for acceleration (WX was that product line).

{}  if the user can override it
{}    server   runs the connection back to this server
 or you can specify a URL which will send the client to that URL.

So for example I can set up the users to get a policy from one location and connect to another.

Connection radio button: whether to connect manually, by rules, or automatically after logon.

new location awareness rule
Location aware rules.
When the DNS server is x.x.x.x then apply something.
Client must have a certain IP range.
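
An added example, not from these notes and not Juniper's code: a small Python model of the two location rule conditions listed above (DNS server and client IP range), including the case where a home network reuses the office address range. The field names, the AND combination of conditions, the first-match selection and every address are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class LocationRule:
    # Hypothetical model of one location awareness rule; field names are assumptions.
    name: str
    dns_servers: frozenset = frozenset()  # expected DNS server addresses
    ip_ranges: tuple = ()                 # CIDR ranges the client address must fall in

    def matches(self, client_ip, client_dns):
        # Assumption: every condition that is configured must hold (logical AND).
        if self.dns_servers:
            seen = {ipaddress.ip_address(d) for d in client_dns}
            wanted = {ipaddress.ip_address(d) for d in self.dns_servers}
            if not seen & wanted:
                return False
        if self.ip_ranges:
            addr = ipaddress.ip_address(client_ip)
            if not any(addr in ipaddress.ip_network(r) for r in self.ip_ranges):
                return False
        return True


def pick_connection(connections, client_ip, client_dns):
    """Return the name of the first connection whose rule matches, else None."""
    for conn_name, rule in connections:
        if rule.matches(client_ip, client_dns):
            return conn_name
    return None


# Constructed sample policy: addresses and connection names are made up.
CONNECTIONS = [
    ("office-802.1x",
     LocationRule("on-lan", frozenset({"192.168.40.53"}), ("192.168.0.0/16",))),
    ("remote-sa", LocationRule("anywhere")),  # no conditions: fallback connection
]

if __name__ == "__main__":
    # Office LAN: DNS server and address range both match.
    print(pick_connection(CONNECTIONS, "192.168.40.7", ["192.168.40.53"]))
    # Home network in the same private range: the DNS condition fails,
    # so the client falls through to the remote connection.
    print(pick_connection(CONNECTIONS, "192.168.1.20", ["192.168.1.1"]))
```
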

Components 
means the installation of the client; you specify the components to be installed.


Last, on the ROLE you select which component SET will be applied, under
Roles Pulse (you select the one you created above).



User Experience.
Connect.
Username password


Same thing for the OAC (Odyssey).
Check the box to install the client and simply select the Install Odyssey radio button.
You can add a preconfiguration file that will be installed for them, so you can customize the file.
You select whether to prompt the user for a password
and the type of EAP for the outer join.
You can also configure the user's adapters.

Agentless
You can customize the UI.



So
Mark the Agent you want to install
Make a connection set
Then apply it to roles.

