.. _sso-NetMan-SmartNAC: NetMan's SmartNAC ============================= This guide provides the configuration method for performing the integration function between NetMan's SmartNAC, a network access control solution (NAC), and Genian NAC. Overview ------------------------- When configuring SmartNAC and Genian NAC integration, it is performed through the process of **SmartNAC User Authentication > Genian NAC User Authentication**. Purpose of Integration --------------------------- This is used for integrating user authentication information when the purpose of using the Genian NAC Agent is EDR operation, not network access control. Prerequisites --------------------------- **Confirm Encrypted Registry Information for Calling Authentication Information** - Confirm the registry values where SmartNAC stores authentication information, the encryption method, and the Key / Initial Vector values for decryption. **Prepare Genian NAC Agent Plugin for Integration** - Use the item registered as an expansion plugin to enable SSO integration. Genian NAC Configuration for Integration -------------------------------------------- **Step 1: Agent Plugin Configuration** 1) In Genian NAC Web Console, go to **Policy > Node Policy > Agent Action** menu 2) Click **NetMan SmartNAC Alternative Authentication** plugin 3) In **Action Execution Settings**, enter setting values as follows .. csv-table:: :header: "Configuration Item", "Setting Value", "Notes" :widths: 25 30 45 "Operation Method", "Select ``Perform Authentication Replacement`` from ``Perform Authentication Replacement``, ``Store Authentication Information`` items", "Select NAC Authentication Replacement item" "Registry Path", "Input value : HKEY_LOCAL_MACHINE\SOFTWARE\NetMan\SNPC_SSOState", "Enter the registry path where encrypted user information is stored" "Registry Name", "Input value : SNPC_LoginID", "Enter the name of the encrypted registry value" "Use Logout", "Select ``ON``, ``OFF``", "Set ``ON`` when integrating logout function" "Encryption Algorithm", "Select from ``BASE64``, ``AES_256_CBC`` items", "Select registry encryption algorithm" **Step 2: Configure Node Policy for Integration Function Application** Through the following process, using Genian NAC's agent plugin, after confirming normal communication for authentication between the user PC and the server and verifying user authentication status, create a policy to allow network access. 1) In Genian NAC Web Console, go to **Policy > Node Policy** menu 2) Click the **Node Policy** containing the **node group** (e.g., all nodes) to which user authentication integration will be applied (if applying to a specific group only, create and use a separate node group) 3) Go to **Advanced > Authentication Policy > Single Sign-On Method** and select **External API** from the select box 4) Go to **Agent Action** at the bottom and click **Assign** button 5) Move **NetMan SmartNAC Alternative Authentication** node action to the right and click **Add** button 6) Click **Update** button at the bottom 7) Click **Apply Change Policy** button at the top right to apply policy