Phase 2 - Plan / Design
After Visibility has been enabled and Device Platform Intelligence has been analyzed for the test/POC network, the next step is to decide what features of the system will be enabled and what use cases are relevant for the deployment. There are no configuration tasks in this Phase, just decisions that will determine which steps will be executed in the following Phase when configuring the system.
Step 1 - Select from Optional Built-In Services
Note
None of these services are required for Visibility or Enforcement and are all optional.
Genian NAC has several built-in services which are available by default. These services include a DHCP Server, RADIUS Server, Switch Management via SNMP and Syslog Server. Part of the Planning and Design Phase is to determine if any of these services will be utilized.
- DHCP Server? - Y/N
- RADIUS Server? - Y/N
- Switch Management? - Y/N
- Syslog Server? - Y/N
Step 2 - Select Applicable Use Cases
- Block all unknown devices? - Y/N
Captive Portal for browser capable devices? - Y/N
Guest registration? - Y/N
- Internet only access for Guests? - Y/N
- Role Based Access (RBAC) for Guests? - Y/N
- Categorize networking devices? - Y/N
- Add tag (Trusted for example) to networking devices? - Y/N
- Authenticate Managed Devices? - Y/N
- AD/Domain SSO? - Y/N
- RADIUS SSO? - Y/N
- Role Based Access (RBAC) for Managed Devices? - Y/N
- Authenticate BYOD Devices?
- Internet only access for BYOD? - Y/N
- Role Based Access (RBAC) for BYOD? - Y/N
- Agent Enforcement for Managed Devices? - Y/N
- Agent Enforcement for BYOD? - Y/N
- Agent Enforcement for Guests? - Y/N
- IoT Use Cases? - Y/N
- Add tags to IoT devices? - Y/N
- Specific/restricted access for IoT devices? - Y/N
- Other tag use cases? - Y/N
- Other/Specific Use Cases? - Y/N
- Regulatory Compliance
- Business Specific, Other, etc.
- Network Security Automation? - Y/N
- Publish to External System? - Y/N
- Receive Alerts from External System? - Y/N