Policy Management based on User ID and Hierarchical Group
The default NAP policy is enforced for all PCs in the same domain.
The default NAP policy might not support differentiated polices based on actual user groups.
UNETSHA supports login ID based policy enforcement for exceptional cases, making NAP policy enforcement more flexible.
Flexible Policy Enforcement
PC health checks and policy update cycles should be determined by the characteristics of each policy.
UNETSHA allows administrators to set the policy enforcement cycle once or periodically depending on the characteristics of the policies.
Hierarchical Group Management
An enterprise usually configures and manages its departments hierarchically. From an administrative point of view, an enterprise-wide NAP policy should support this hierarchical structure.
UNETSHA supports hierarchical group management so that the administrator can manage NAP polices based on the actual organizational structure of the enterprise.
NAP policy enforcement uses the following order of precedence: user - group - upper group - root group policies. The root group policy can be used as an enterprise-wide common policy.
Flexible Rule Editing
Scripts written in an IF (Condition) THEN (Action) ELSE (Action) format enable flexible rule editing to support administrational diversity, allowing you to abide by laws and regulations.
The rules you create can be imported and exported in a text file format.
RQS Migration
RQS is a Network Access Quarantine Control framework for Windows Server 2003 which provides additional protection capabilities for remote control such as dial-up and VPN connection.
The migration of the PC health check is critical in making the transition from the RQS environment to the NAP environment. UNETSHA ensures that your RQS policy can be migrated to the NAP environment, either manually or automatically.
Supported Client OS
Microsoft Windows Vista
Microsoft Windows XP with Service Pack 3
Linux Fedora 6 or later / Ubuntu 7.0 or later
Apple Mac OS X
Plug-ins for Diverse Client Health Check Programs
To support additional PC health check capabilities that are not included in UNETSHA,
UNETSHA allows plug-ins for diverse health check programs independent of their type (VBS, EXE, BAT, etc.).
This feature is included in the RQS Package in order to strengthen NAP policy enforcement with a diverse variety of PC health check programs.
Included ECs: 802.1X Supplicant and DHCP Client
Linux and Mac OS X versions include NAP Agent with ECs for 802.1x-authenticated connections
and DHCP-based IPv4 address configuration.
Supported EAP: PEAP version 0/1/2, EAP-MSCHAP v2, EAP-MD5, EAP-TLS, EAP-TTLS, EAP-GTC and LEAP
Support for Windows Management Instrumentation
Windows Management Instrumentation (WMI) is used to manage the status, configurations and operational aspects of hardware and software in Windows. Over 7,000 managed objects in WMI can be used as NAP policy objects for better security.
