FAQ

What is the product release cycle?

• Genian NAC releases bi-monthly regular release versions starting from February 2021.

Can I downgrade the software version?

• No, downgrading is not supported. For rollback, you must create a backup before upgrading, then reinstall the software and restore the backup data. Incorrect downgrades are not recommended as the database may not be properly configured due to DB Migration.

Is communication between each component encrypted?

• Yes, event and policy-related communication between each component is encrypted via TLS.

How do I check Windows updates for endpoints?

• Refer to Step 1 of Update Windows.

What operating systems does the agent support?

• Genian NAC provides agents for Windows, macOS, and Linux operating systems.

Which antivirus products are supported?

• Genian NAC is continuously expanding its support range for both domestic and international antivirus products through ongoing integration. See Windows for more details, macOS for more details, Linux for more details.

What wireless adapters does Genian NAC support?

• This is a list of wireless adapters compatible with Genian NAC wireless sensors. Wireless Adapter Compatibility

Why is the CWP page not displayed for a network-blocked node?

• If DNS communication is not possible, the blocking page will not be displayed. In other cases, it is highly likely that browser security settings such as HSTS and HPKP are active. Please refer to the following document: Method of Displaying CWP Page to a PC Attempting HTTP Communication

Why is the agent icon grayed out in the Web Console's Node Management screen?

• The agent icon appears gray in the Web Console's node list when the Policy Server and agent are not communicating, or when the agent is not running.

Why can't domain information be collected in an Agentless environment?

• If the Network Sensor's communication with NetBIOS, remote WMI, etc., of the endpoint is not smooth, collection will not occur.

Why is the endpoint hostname not collected in an Agentless environment?

• The Network Sensor monitors the endpoint's hostname in real-time. If DHCP, netbios.ns, netbios-dgm, or MDNS services are not monitored, the hostname is not collected.

Why is endpoint information not collected in an Agentless environment?

• There are some endpoints where WMI information cannot be collected due to a DCOM version issue in the Windows 10 2004 release. You can receive temporary measures through the Technical Support Center.

Why do I see many "Database Duplicated" logs in the audit logs?

• These are DB warning logs that appear when attempting to re-add data that already exists in the database. If they appear repeatedly, you can receive support through the Technical Support Center.

I am in an Agentless environment, but the enforcement policy has an "Agent Not Installed Block" policy.

• Default enforcement policies are created based on environments where the Agent is installed. In environments where the Agent is not installed, you should create/delete and use policies appropriate for your environment.

Is RAID configuration possible?

• RAID 0,1 configuration is possible by adding a separate RAID card (ASR-8405E v2). For more details, please contact the Sales Department.

What is the update cycle for operational information data (Genian data)?

• Operational information data automatically updates at the configured cycle if you set the check cycle in Web Console > Settings > Other Settings > Operational Information Auto Update Settings and turn the Auto Update item to On at the bottom. Managing System Software

How should wireless LAN AP SSID be collected?

• Please refer to the following document: Controlling WLAN

What is the method to control endpoint wireless LAN access?

• Endpoint wireless LAN access control can be performed in two ways: disabling the wireless network adapter (Controlling Network Interface) and restricting wireless LAN AP access using Controlling WLAN.

What is the method to control endpoints that use shared networks via wired/wireless connections?

• You can restrict it by using the Adhoc network connection policy in the Anomaly Definition policy (Understanding Anomaly Detection).

What is the method to control unnecessary administrator web access?

• You can forcibly terminate unnecessary access sessions using the session management function (Managing Administrator Connections).

How do I check the network connection status of a node?

• You can check by setting the node status check method (Configuring Node Network Connection Health Checks).

Can I access the Web Console using Active Directory user credentials?

• Yes, if authentication integration and Data Synchronization are configured. AD domain controller and database synchronization are required, and finally, AD users must be selected and configured in the Genians user database.
• External Authentication Server Settings
• LDAP

How do node type and platform classification work?

• Node type and platform classification are performed using operational data: NMDB (NMAP Database, Node Information Detection Data) and GPDB (Genian Platform Databases, Operating System Detection Data).
• GDPI

How do I collect agent logs?

• Right-click Agent Tray Icon -> Click Program Information -> Click Error Report -> Check C:GnAgentYYYYMMDDhhmmss.zip file.

Is it mandatory to proceed with the security compliance verification process after introducing the appliance?

• For products listed in the National Cyber Security Center's List of Verified Stable Products, security compliance verification can be omitted. Currently, NAC is registered as a security product for network segmentation and network access control.
• National Cyber Security Center

What is the difference between Node Action and Control Action?

• Node Action is an action plugin policy used in node policies, and Control Action is an action policy used in enforcement policies.
• Node Action can use all registered agent plugins, but Control Action can only use specified plugins.

An endpoint using a wireless network is detected as a different platform.

• This false positive occurs when mobile and PC devices change their MAC address to a RANDOM MAC, inadvertently using the OUI (Organizationally Unique Identifier) of a different manufacturer.
• The RANDOM MAC setting is located in the wireless profile details, and this issue can be resolved by setting the MAC address type to the endpoint's MAC. Wireless LAN User Devices Are Detecting as Wrong Platform

What are Agent Sensor and Network Sensor?

• Agent Sensor: Collects asset information on the same network by installing the agent on some endpoints.
• Network Sensor: Collects asset information present on the network by setting up a physical server.

How do I use the Agent Sensor feature?

• Web Console → Policy (top menu) → Click the node policy to apply → Click Assign Agent Actions, move 'Sensor' to Selected and click Edit. Then click Edit at the bottom and click Apply Changed Policy (top right) to enable the Agent Sensor feature.

How do I set up the Network Sensor?

• Refer to the guide: Installing Network Sensor to configure a physical server (mini PC, desktop, server, etc.).

What information can I collect and view via the Agent Sensor?

• Automatically collects the IP, MAC, and host name of endpoints connected to the network and helps you easily identify them.

What information can I collect and view via the Network Sensor?

• Automatically collects and lets you easily view device type (PC, Network Appliance, Mobile Device, etc.), IP, MAC, host name, platform, NIC vendor, open ports, and service list.

What is the capacity of the trial license?

• You can automatically register and identify up to 300 endpoints.

Can I manage device/equipment information separately?

• Yes.
• Device: Management → Nodes → Click a device → In the Device Information tab, you can enter and manage manufacture date, vendor, serial number, etc.
• Node: Use the Description field, or manage with custom fields if categorization is needed.

Why do I see the agent Location Service permission pop-up on Windows 11 (24H2)?

• What changed? Starting with Windows 11 24H2, by Microsoft policy, apps that use Location Services must ask for permission the first time.
• Why does it appear? The plugin needs location permission to retrieve Wi-Fi lists, scan, and manage connections.
• Affected features: Interface control, network information collection, wireless LAN control, wireless connection manager.
• If you don't allow Location Services, these plugins may not function properly.