Alcatel-Lucent 6850-48 Network Guide

Access Guardian Overview
Configuring Access Guardian
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
Access Guardian is a combination of authentication, device compliance, and access control functions that 
provide a proactive solution to network security. Implemented through the switch hardware and software, 
Access Guardian helps administrators:
• Determine who is on the network.
• Check if end users are compliant.
• Direct what end users can access within the network.
In addition to the proactive functionality of Access Guardian, the Traffic Anomaly Detection (TAD) and 
Quarantine Manager and Remediation (QMR) features provide reactive network security solutions. TAD 
and QMR help administrators:
• See what end users are doing.
• Isolate and remediate end users that are not compliant.
The Access Guardian, TAD, and QMR features work together to provide a dynamic, integrated security 
framework. As shown in the following diagram, Access Guardian functionality provides the foundation of 
this framework:
The following switch-based features provide the Access Guardian functionality:
• 802.1X, MAC, and Captive Portal authentication.
• 802.1X device classification policies.
• Host Integrity Check (HIC) to verify end user device integrity.
• User Network Profiles (UNP) to classify devices, enable or disable the HIC process, and apply QoS 
policies to enforce device access to network resources.
This chapter documents the functionality of the Access Guardian feature. For more information about 
TAD, see 
. For more information about QMR, see the 
[Figure: security framework diagram. Access Guardian (Proactive): 802.1X, MAC, Captive-Portal; Device Classification Policies; Host Integrity Check (HIC) using InfoExpress CyberGatekeeper; User Network Profiles (UNP); QoS ACL Lists (up to 13 per UNP). Reactive: Quarantine Manager; Traffic Anomaly Detection.]