NetMan's SmartNAC

This guide describes how to configure integration between NetMan's SmartNAC, a network access control (NAC) solution, and Genian NAC.

Overview

When SmartNAC and Genian NAC are integrated, authentication proceeds in this order: SmartNAC User Authentication > Genian NAC User Authentication.

Purpose of Integration

This integration carries over user authentication information when the Genian NAC Agent is deployed for EDR operation rather than for network access control.

Prerequisites

Confirm Encrypted Registry Information for Calling Authentication Information

  • Confirm the registry values where SmartNAC stores authentication information, the encryption method, and the Key / Initialization Vector (IV) values needed for decryption.

Prepare Genian NAC Agent Plugin for Integration

  • Use the item registered as an expansion plugin to enable SSO integration.

Genian NAC Configuration for Integration

Step 1: Agent Plugin Configuration
  1. In the Genian NAC Web Console, go to the Policy > Node Policy > Agent Action menu
  2. Click the NetMan SmartNAC Alternative Authentication plugin
  3. In Action Execution Settings, enter the setting values as follows:
| Configuration Item | Setting Value | Notes |
|---|---|---|
| Operation Method | Select Perform Authentication Replacement (options: Perform Authentication Replacement, Store Authentication Information) | Select the NAC Authentication Replacement item |
| Registry Path | Input value: HKEY_LOCAL_MACHINESOFTWARENetManSNPC_SSOState | Enter the registry path where encrypted user information is stored |
| Registry Name | Input value: SNPC_LoginID | Enter the name of the encrypted registry value |
| Use Logout | Select ON or OFF | Set ON when integrating the logout function |
| Encryption Algorithm | Select from BASE64, AES_256_CBC | Select the registry encryption algorithm |
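
Before assigning the plugin, the prerequisite check (registry value, algorithm, Key / IV) can be run on a test PC where SmartNAC has already authenticated a user. The script below is an added example, not part of the Genian or NetMan documentation. It assumes the stored value is Base64 text, that the key and IV are supplied Base64-encoded, and that AES uses PKCS7 padding with UTF-8 plaintext; the registry path is a placeholder to fill in from the table above.

```powershell
# Added example. Items marked PLACEHOLDER / assumption are not from the guide.
param(
    # PLACEHOLDER: the "Registry Path" setting, prefixed with the Registry:: provider
    [string]$RegistryPath = 'Registry::<PLACEHOLDER registry path>',
    [string]$RegistryName = 'SNPC_LoginID',      # "Registry Name" setting from the guide
    [ValidateSet('BASE64', 'AES_256_CBC')]
    [string]$Algorithm    = 'AES_256_CBC',       # "Encryption Algorithm" setting
    [string]$KeyBase64    = '',                  # PLACEHOLDER: 32-byte key, Base64 (assumption)
    [string]$IvBase64     = ''                   # PLACEHOLDER: 16-byte IV, Base64 (assumption)
)

function ConvertFrom-StoredValue {
    param([string]$Stored, [string]$Algorithm, [string]$KeyBase64, [string]$IvBase64)

    # Assumption: the registry string is Base64 text in both modes.
    $bytes = [Convert]::FromBase64String($Stored)
    if ($Algorithm -eq 'BASE64') {
        # BASE64 is an encoding only: no key is involved in recovering the value.
        return [Text.Encoding]::UTF8.GetString($bytes)
    }

    $key = [Convert]::FromBase64String($KeyBase64)
    $iv  = [Convert]::FromBase64String($IvBase64)
    if ($key.Length -ne 32) { throw "AES-256 needs a 32-byte key, got $($key.Length)" }
    if ($iv.Length  -ne 16) { throw "CBC needs a 16-byte IV, got $($iv.Length)" }

    $aes = [System.Security.Cryptography.Aes]::Create()
    try {
        $aes.Mode    = [System.Security.Cryptography.CipherMode]::CBC
        $aes.Padding = [System.Security.Cryptography.PaddingMode]::PKCS7   # assumption
        $aes.Key     = $key
        $aes.IV      = $iv
        $plain = $aes.CreateDecryptor().TransformFinalBlock($bytes, 0, $bytes.Length)
        return [Text.Encoding]::UTF8.GetString($plain)
    }
    finally { $aes.Dispose() }
}

try {
    $stored  = (Get-ItemProperty -LiteralPath $RegistryPath -Name $RegistryName -ErrorAction Stop).$RegistryName
    $loginId = ConvertFrom-StoredValue -Stored $stored -Algorithm $Algorithm `
                                       -KeyBase64 $KeyBase64 -IvBase64 $IvBase64
    # Report only the length so the login ID does not end up in console history or logs.
    Write-Output "Decoded OK with ${Algorithm}: login ID is $($loginId.Length) characters"
}
catch {
    Write-Error "Could not read or decode '$RegistryName' with ${Algorithm}: $_"
}
```

A padding or length error here means the key, IV or algorithm does not match what SmartNAC wrote, and the plugin configured with the same values would fail in the same way.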
Step 2: Configure Node Policy for Integration Function Application

The following steps create a node policy that uses the Genian NAC agent plugin to confirm that authentication traffic between the user PC and the server works normally, verify the user's authentication status, and then allow network access.

  1. In the Genian NAC Web Console, go to the Policy > Node Policy menu
  2. Click the Node Policy containing the node group (e.g., all nodes) to which user authentication integration will be applied (if applying to a specific group only, create and use a separate node group)
  3. Go to Advanced > Authentication Policy > Single Sign-On Method and select External API from the select box
  4. Go to Agent Action at the bottom and click the Assign button
  5. Move the NetMan SmartNAC Alternative Authentication node action to the right and click the Add button
  6. Click the Update button at the bottom
  7. Click the Apply Change Policy button at the top right to apply the policy