Alcatel-Lucent 6850-48 Network Guide

OmniSwitch AOS Release 6 Network Configuration Guide

page 34-1

Access Guardian refers to the following collection of Alcatel-Lucent security functions that work together 
to provide a dynamic, proactive network security solution:

• Authentication and Classification—Access control is configured on 802.1X-enabled ports using 

device classification policies. A policy can specify the use of one or more types of authentication meth-
ods (802.1X, MAC-based, or Web-based Captive Portal) for the same port. For each type of authentica-
tion, the policy also specifies the classification method (RADIUS, Group Mobility, default VLAN, 
User Network Profile, or block device access).

• Host Integrity Check (HIC)—An integrated solution for device integrity verification. This solution 

consists of the InfoExpress CyberGatekeeper server, a permanent or web-based downloadable agent to 
verify host compliance, and User Network Profiles (UNP). HIC is triggered when a UNP is applied to a 
device and HIC is enabled for the UNP.

• User Network Profiles (UNP)—One of the configurable options of a device classification policy is to 

classify a device with a UNP. When the policy applies the UNP to one or more devices, the UNP deter-
mines the VLAN assignment for the device, whether or not HIC is required for the device, and if any 
QoS access control list (ACL) policies are applied to the device. 

This chapter provides an overview of Access Guardian security features and describes how to configure 
these features through the Command Line Interface (CLI). CLI commands are used in the configuration 
examples; for more details about the syntax of commands, see the OmniSwitch CLI Reference Guide.

The following information and procedures are included in this chapter:

.

.