Phase 4 - Test / Validate
Step 1 - Switch Sensor on Test/POC Network to Enforcement Mode
Sensors are deployed in Monitoring mode by default. This means all nodes are allowed on the network and even enabled Enforcement Policies will not be executed. In order to test any use cases which involvement Enforcement, the Sensor will need to be set to Enforcement Mode. The instructions below outline the steps required to activate a Sensor.
An additional consideration is whether or not to Allow or Block new nodes joining the network after the Sensor has been activated. This will essentially enable a Zero Trust model where any node not explicitly permitted by any of the previously configured policies will be blocked until an Administrator specifically grants the node access. When following the steps below, to enable this option, set the New Node Policy under IPAM to “Deny MAC”. If this option is not enabled, the default mode is “Allow” and nodes not machining any particular policy will be granted network access.
Step 2 - Test / Validate Use Cases
With the Sensor now activated, all applicable use cases can be tested and validated. Any use cases not selected in Phase 2 can be skipped.
Verify Unknown devices are blocked
Verify Captive Portal
Verify Guest Registration
Verify tags for network devices
Verify Managed Device Authentication
AD/Domain SSO
RADIUS SSO
Captive Portal (non-domain environments)
Verify Role Based Access (RBAC)
For Managed Devices
For BYOD
For Guests
Verify Agent Enforcement Actions
For Managed Devices
For BYOD
For Guests
Verify IoT Use Cases
Verify tags/access as applicable
Verify other tag Use Cases
Verify tags/access as applicable
Verify other specific Use Cases
Verify Network Security Automation
Verify Publish to External System
Verify Receiving from External System
Verify Alerting and Reporting