2.8.16 Managing exclusive communication destinations for devices denied network access
By setting exclusive connection destinations, you can allow blocked devices to access specific devices on the network. For example, if you register a server that provides security measures in the Exclusive Communication Destination for Access-Denied Devices list, a device that is quarantined after being deemed a security risk can connect to the server to update its security. The management server is registered in the Exclusive Communication Destination for Access-Denied Devices list by default.
For computers on which the network monitor agent is installed, the environment is automatically configured as described below. Because this environment is a prerequisite for communication with exclusive communication destinations, do not change these settings.
- Windows Firewall is disabled.
- The service (Routing and Remote Access) is enabled.
- When the OS is Windows Server 2012 or Windows Server 2008, the Windows Routing and Remote Access role service is enabled.
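A read-only check for drift in the first two settings listed above, added here as an example and not taken from the product documentation. It assumes Windows 8 or Windows Server 2012 or later, that the Routing and Remote Access service uses its standard service name `RemoteAccess`, and that "enabled" means a start mode other than Disabled; the function name is hypothetical.

```powershell
# Added example: read-only check of two network monitor agent prerequisites.
# Assumes Windows 8 / Windows Server 2012 or later (NetSecurity and CIM cmdlets).
function Test-MonitorAgentPrerequisite {   # hypothetical helper name
    [CmdletBinding()]
    param()

    # Prerequisite: Windows Firewall is disabled. ActiveStore reflects the
    # effective state, including anything applied by Group Policy.
    foreach ($fwProfile in Get-NetFirewallProfile -PolicyStore ActiveStore) {
        $actual = if ($fwProfile.Enabled -eq 'True') { 'Enabled' } else { 'Disabled' }
        [pscustomobject]@{
            Check     = "Windows Firewall ($($fwProfile.Name) profile)"
            Expected  = 'Disabled'
            Actual    = $actual
            Compliant = ($actual -eq 'Disabled')
        }
    }

    # Prerequisite: the Routing and Remote Access service is enabled.
    # 'RemoteAccess' is the service's short name; "enabled" is taken here to
    # mean a start mode other than Disabled (an assumption).
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='RemoteAccess'"
    $actual = if ($svc) { "$($svc.StartMode), $($svc.State)" } else { 'Service not found' }
    [pscustomobject]@{
        Check     = 'Routing and Remote Access service'
        Expected  = 'Start mode other than Disabled'
        Actual    = $actual
        Compliant = [bool]($svc -and $svc.StartMode -ne 'Disabled')
    }
}

# List every check, then flag drift so it can be traced to whatever changed it.
$report = Test-MonitorAgentPrerequisite
$report | Format-Table -AutoSize
if ($report.Compliant -contains $false) {
    Write-Warning 'Prerequisite drift detected: exclusive communication destinations may not work.'
}
```

The script changes nothing on the host, so it can run as a scheduled compliance check on each computer where the network monitor agent is installed.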
To permit blocked devices to access specific devices on the network, create exclusive communication destination settings.
To change the devices that are accessible to a device that is blocked from the network, edit the exclusive communication destination settings.
If changes to the system mean that you no longer need an exclusive communication destination setting, delete the setting.