Nortel Networks 4050 Manuale Utente

34 Chapter 1 Overview

320818-A

 

The Nortel SNAS 4050 performs the following functions:

•

Acts as a web server portal, which is accessed by users in clientless mode for 
authentication and host integrity check and which sends remediation 
instructions and guidelines to endpoint clients if they fail the host integrity 
check.

•

Communicates with backend authentication servers to identify authorized 
users and levels of access.

•

Acts as a policy server, which communicates with the TunnelGuard applet 
that verifies host integrity.

•

Instructs the network access device to move clients to the appropriate VLAN 
and, if applicable, to apply additional filters.

•

Can be a DNS proxy in the Red VLAN when the Nortel SNAS 4050 functions 
as a captive portal

•

Performs session management.

•

Monitors the health of clients and switches.

•

Performs logging and auditing functions.

•

Provides High Availability (HA) through IPmig protocol.

There are four types of Layer 2 or Layer 3 VLANs in a Nortel SNA network:

•

Red — extremely restricted access. If the default filters are used, the user can 
communicate only with the Nortel SNAS 4050 and the Windows domain 
controller network. There is one Red VLAN for each network access device.

•

Yellow — restricted access for remediation purposes if the client PC fails the 
host integrity check. Depending on the filters and TunnelGuard rules 
configured for the network, the client may be directed to a remediation server 
participating in the Yellow VLAN. There can be up to five Yellow VLANs for 
each network access device. Each user group is associated with only one 
Yellow VLAN.

•

Green — full access, in accordance with the user’s access privileges. There 
can be up to five Green VLANs for each network access device.