Symantec Network Access Control 12.1 是一款網絡安全解決方案,能夠控制企業網絡的訪問、實施端點安全策略,以及與現有的網絡基礎架構輕松集成。不管端點以何種方式與網絡相連,賽門鐵克的獲獎網絡安全解決方案都能夠發現并評估端點遵從狀態、設置適當的網絡訪問權限并提供自動補救功能。
主要功能 ● 阻止或隔離不遵從的設備,防止其訪問公司網絡和資源。 ● 按照預定義的模板對主機完整性進行測試(如補丁級別、服務包、防病毒軟件和個人防火墻狀態),并且根據企業環境量身定制自定義檢查。 ● 對公司網絡內外的受管理和未加管理的筆記本電腦、臺式機和服務器提供全方位的終端防護。 ● 可與 Symantec Endpoint Protection 11.x 和 12.1 無縫集成。 ● 適用于 Symantec Enforcer Appliance 選件,旨在對受管和非受管端點實施安全策略。
主要優勢 ● 有助于確保端點遵從安全策略。 ● 管理和保護訪客對網絡的訪問。 ● 降低僵尸網絡、高級持續性威脅和其他惡意軟件風險。 ● 為最終用戶提供更高的網絡可用性,并減少服務中斷的情況。
新功能 更快速、更靈活的管理 Symantec Endpoint Protection Manager 的以下新增功可幫助公司更輕松地管理客戶端計算機:
在集中授權許可模式下,通過管理控制臺即可購買、激活和管理產品許可證。 在 Symantec Endpoint Protection Manager 登錄屏幕中,可以重獲忘記的密碼。 “監視”頁面中包含一組預配置的電子郵件通知,用于告知客戶最常用的事件。這些事件包括新客戶端軟件的發布時間、策略更改時間和許可證續訂消息,以及管理服務器找到未受保護計算機的時間。通知默認為啟用狀態,支持黑莓、iPhone 和 Android 設備。
更高的服務器和客戶端性能 要提高管理服務器與管理控制臺、數據庫和客戶端計算機之間的速度,可以執行以下操作:
在客戶端計算機處于空閑狀態、內容過時或已斷開連接時運行 LiveUpdate,在這些情況下,使用的內存較少。
安裝過程得到改善 借助以下新增安裝功能,Network Access Control 的安裝比以往更便捷:
即使原有客戶端正處于連接和受保護狀態下,也可以將產品升級到最新版本。 全新的部署快速報告,它將告訴您哪些計算機已成功安裝客戶端軟件。
支持其他操作系統 目前,Symantec Endpoint Protection Manager 還支持其他操作系統,如下所述:
VMware Workstation 7.0 或更高版本 VMware ESXi 4.0.x 或更高版本 VMware ESX 4.0.x 或更高版本 VMware Server 2.0.1 Citrix XenServer 5.1 或更高版本
支持 Web 瀏覽器 目前,Symantec Endpoint Protection Manager 支持以下 Web 瀏覽器:
Internet Explorer 7.0、8.0、9.0 Firefox 3.6、4.0
更輕松地管理 Symantec Endpoint Protection Manager 中的 Enforcer 通過配置 Symantec Endpoint Protection Manager 中的以下 Enforcer 設置,可以更輕松地管理 Enforcer:
Enforcer 組中的客戶端使用 Network Time Protocol 服務器定期同步其系統時間的功能。 您可以通過 DHCP Integrated Enforcer 和 LAN Enforcer 更輕松地更新 MAC 地址列表
在 Symantec Endpoint Protection Manager 中增加了網絡訪問控制功能 Symantec Endpoint Protection Manager 包含 Symantec Network Access Control 的如下附加功能:
Enforcer 管理服務器列表中可以包含復制合作伙伴的管理服務器。Enforcer 可以連接到任何站點合作伙伴或復制合作伙伴的任何管理服務器。 Symantec Network Access Control 客戶端的遵從日志提供了其他有關日志事件和主機完整性檢查結果的信息。客戶可以立即查看哪項要求致使客戶端計算機主機完整性檢查失敗。 LiveUpdate 可將主機完整性模板下載到管理服務器上。因此,客戶端計算機可以獲得主機完整性策略(包括已更新的主機完整性模板) Enforcer 組支持受限管理員帳戶、管理員帳戶以及系統管理員帳戶。對于擁有多個站點和域的大型公司,客戶可能需要多位管理員,并且有些管理員的權限比另外一些管理員的要高。
新增 Enforcer 功能 Symantec Network Access Control 包含以下新增功能:
為 Integrated Enforcer 提供 64 位支持。 通過 Microsoft Windows Server 2008 (Longhorn) 對 RADIUS 服務器和代理的實施,為 Network Policy Server (NPS) 提供支持目前,Enforcer 可以驗證運行 Windows Vista 或更高版本的客戶端,也可以驗證使用 802.1x 驗證的客戶端。 對于 DHCP Integrated Enforcer,客戶可以有選擇地對自己定義的作用域啟用基于作用域的實施。 Gateway Enforcer 可同時支持 802.1q 中繼和 On-Demand 客戶端。客戶可以將多中繼 VLAN 上的單個 VLAN 指定給主機 On-Demand 客戶端。 支持訪客實施模式,在這種模式下,Gateway Enforcer 可以用作 On-Demand 客戶端的下載服務器。Gateway Enforcer 可將 On-Demand 客戶端下載到訪客計算機上,使這些客戶端可通過訪客計算機的 Web 瀏覽器與 Enforcer 進行通信。在訪客實施模式下,Gateway Enforcer 不會轉發內部通信。 支持 On-Demand 客戶端“繼續存在”:可在指定時段內“存在”。 本地數據庫的大小已增至 32 MB,可容納更多的 MAC 地址。
Symantec Network Access Control 12.1 is a network security solution that controls access to corporate networks, enforces endpoint security policy and easily integrates with existing network infrastructures. Regardless of how endpoints connect to the network, Symantec's award-winning network security solution discovers and evaluates endpoint compliance status, provisions the appropriate network access and provides automated remediation capabilities.
Key Features Blocks or quarantines non-compliant devices from accessing the corporate network and resources. Hosts Integrity tests against pre-defined templates such as patch level, service packs, antivirus, and personal firewall status, as well as custom created checks tailored for the enterprise environment. Provides pervasive endpoint coverage for managed and unmanaged laptops, desktops, and servers existing both on and off the corporate network. Provides a seamless integration with Symantec Endpoint Protection - both 11.x and 12.1. Works with the optional Symantec Enforcer Appliance to enforce security policies for both managed and unmanaged endpoints. Latest from Community You CAN Take It with You: Keeping Mobile Data Safe While Traveling Blog Post by khoi July 8, 2011 Summertime! That means sunshine, travel…and additional data threats to your smartphone. What’s that? You don’t consider… Read more The NightDragon Myth Article by profman87 February 10, 2011 read more… Read more More in Community Key Benefits Helps ensures endpoint compliance with security policies. Regulates and protects guest access to the network. Reduces risk of botnets, Advanced Persistent Threats and other malware. Greater network availability and reduced disruption of services for end-users.
System Requirements Symantec Endpoint Protection Manager Supported operating systems Windows 7 Windows XP (32-bit, SP3 or later; 64-bit, all SPs) Windows Server 2003 (32-bit, 64-bit, R2, SP1 or later) Windows Server 2008 (32-bit, 64-bit) Windows Small Business Server 2008 (64-bit) Windows Small Business Server 2011 (64-bit) Windows Essential Business Server 2008 (64-bit) Microsoft SQL Server Microsoft SQL Server is optional. The Symantec Endpoint Protection Manager comes with an embedded database suitable for networks up to about 5000 clients. If you choose to use Microsoft SQL Server, the following versions are supported: Microsoft SQL Server 2000 with SP4 or above Microsoft SQL Server 2005 with SP2 or above Microsoft SQL Server 2008 Web Browser requirements Microsoft Internet Explorer 7, 8, 9 Mozilla Firefox 3.6 or 4.0 Hardware requirements RAM: 1 GB of RAM for 32-bit operating systems, 2 GB of RAM for 64-bit operating systems, or higher if required by the operating system Hard Drive: 4 GB or more free space Video: 800 x 600 Processor requirements Note: Intel Itanium IA-64 and Power PC processors are not supported 32-bit processor: 1-GHz Intel Pentium III or equivalent minimum (Intel Pentium 4 or equivalent recommended) 64-bit processor: 2-GHz Pentium 4 with x86-64 support or equivalent minimum Symantec Endpoint Protection Client Supported operating systems and platforms Windows XP (32-bit, SP2 or later; 64-bit, all SPs) Windows XP Embedded Windows Vista (32-bit, 64-bit) Windows 7 (32-bit, 64-bit) Windows Server 2003 (32-bit, 64-bit, R2, SP1 or later) Windows Server 2008 (32-bit, 64-bit) Windows Small Business Server 2008 (64-bit) Windows Small Business Server 2011 (64-bit) Windows Essential Business Server 2008 (64-bit) Processor requirements 32-bit processor for Windows: 1-GHz Intel Pentium III or equivalent minimum (Intel Pentium 4 or equivalent recommended) 64-bit processor for Windows: 2-GHz Pentium 4 with x86-64 support or equivalent minimum. Itanium processors are not supported Hardware requirements RAM: 512 MB of RAM, or higher if required by the operating system Hard Drive: 900 MB or more free space Video: 800 x 600 Symantec Network Access Control Client Supported operating systems Windows XP (32-bit, XP-2 or later; 64-bit, all SPs) Windows XP Embedded Windows Vista (32-bit, 64-bit) Windows 7 (32-bit, 64-bit) Windows Server 2003 (32-bit, 64-bit, R2, SP1 or later) Windows Server 2008 (32-bit, 64-bit) Windows Small Business Server 2008 (64-bit) Windows Essential Business Server 2008 (64-bit) Hardware requirements RAM: 512 MB or higher if required by the operating system Hard drive: 300 MB (32-bit), 400 MB (x64) Video: 800 x 600 Processor requirements 32-bit processor for Windows: 1-GHz Intel Pentium III or equivalent minimum (Intel Pentium 4 or equivalent recommended) 64-bit processor for Windows: 2-GHz Pentium 4 with x86-64 support or equivalent minimum. Itanium processors are not supported Symantec Network Access Control On-Demand Client Supported operating systems Windows XP Home or Professional (32-bit, SP2 and SP3) Windows Vista (32-bit, 64-bit) Windows 7 (32-bit, 64-bit) Windows Server 2003 (32-bit, 64-bit, R2, SP1 or later) Windows Server 2008 (32-bit, 64-bit) Windows Small Business Server 2008 (64-bit) Windows Essential Business Server 2008 (64-bit) Mac OS X 10.4, 10.5 or 10.6 Hardware requirements Download size: 9MB. Amount of free disc space needed to run the client: 100MB Physical RAM for either Windows or Mac On-Demand client: 512 MB Video: Video display: Super VGA (1,024 x 768) or higher Other: At least one Ethernet adapter (with TCP/IP installed) Processor requirements Windows: Intel Pentium II 550 MHz (1 GHz for Windows Vista) or faster Mac: Intel, PowerPC G5, or PowerPC G4 867 MHz or faster Web Browser requirements For Windows On-Demand Client: Microsoft Internet Explorer 6.0 or later; Mozilla Firefox 2.0, 3.0, 3.5, 3.6.3 (Note: Clients from version 11.0 RU6 and lower do not support Firefox 3.6.3) For Mac On-Demand Client: Apple Safari 4.0 and 5.0; Mozilla Firefox 2.0, 3.0, 3.5, 3.6.3 (Note: Clients from version 11.0 RU6 and lower do not support Firefox 3.6.3)
|