![[Contents]](FIGURE/CONTENT.GIF)
![[Glossary]](FIGURE/GLOSS.GIF)
![[Index]](FIGURE/INDEX.GIF)
![[Back]](FIGURE/FRONT.GIF)
![[Next]](FIGURE/AFTER.GIF)
Job Management Partner 1/Client Security Control Description, User's Guide and Operator's Guide
- A quarantine system can be set up by linking JP1/CSC to either of the following products:
- JP1/NM
JP1/NM is software that controls network connections. It consists of two programs, JP1/NM and JP1/NM - Manager. JP1/NM and JP1/NM - Manager contain NetMonitor and NetMonitor/Manager. JP1/NM and JP1/NM - Manager contains NX NetMonitor and NX NetMonitor/Manager.
JP1/NM - Manager monitors the overall system. JP1/NM is placed in each subnetwork and is used to control client network connections.
- Authentication server
An authentication server, also called a RADIUS server, is required to authenticate clients. To link to JP1/CSC, install either Microsoft Internet Authentication Service or Network Policy Server on a RADIUS server.
The available authentication methods are IEEE 802.1X authentication and MAC authentication.
- IEEE 802.1X authentication
- A user ID and password are used to authenticate a user. Authentication requires a switch and a RADIUS server that comply with IEEE 802.1X. The Windows standard supplicant is required on the client that is to be authenticated.
Two VLAN environments are available: dynamic and static.
- MAC authentication
- A MAC address is used to authenticate a client. Authentication requires a switch and a RADIUS server that support MAC authentication. No supplicant is required on a client that is to be authenticated.
- Dynamic VLAN environment
- A switch determines the destination for the client connection based on the authentication result.
The following table shows the possible combinations of authentication method and VLAN environment that can be used when a quarantine system linked to an authentication server is created.
- Static VLAN environment
- A switch restricts connection to specific networks based on the authentication result.
Table 12-1 Authentication method and VLAN environment available when a quarantine system linked to an authentication server is created
Authentication method VLAN environment Dynamic VLAN Static VLAN IEEE802.1X authentication Y Y MAC authentication -- Y
- Legend:
- Y: Applicable
- --: Not applicable
- JP1/Software Distribution (AMT Linkage facility)
When a computer compatible with AMT is used as a client, AMT Linkage facility Component of JP1/Software Distribution uses the AMT packet control functionality to control client connections to the network.
All Rights Reserved. Copyright (C) 2009, 2011, Hitachi, Ltd.
Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated