FAQ

What is the product release cycle?

• Genian NAC releases bi-monthly regular release versions starting from February 2021.

Can I downgrade the software version?

• No, downgrading is not supported. For rollback, you must create a backup before upgrading, then reinstall the software and restore the backup data. Incorrect downgrades are not recommended as the database may not be properly configured due to DB Migration.

Is communication between each component encrypted?

• Yes, event and policy-related communication between each component is encrypted via TLS.

How do I check Windows updates for endpoints?

• Refer to Step 1 of Update Windows.

What operating systems does the agent support?

• Genian NAC provides agents for Windows, macOS, and Linux operating systems.

Which antivirus products are supported?

• Genian NAC is continuously expanding its support range for both domestic and international antivirus products through ongoing integration. See Windows for more details, macOS for more details, Linux for more details.

What wireless adapters does Genian NAC support?

• This is a list of wireless adapters compatible with Genian NAC wireless sensors. Wireless Adapter Compatibility

Why is the CWP page not displayed for a network-blocked node?

• If DNS communication is not possible, the blocking page will not be displayed. In other cases, it is highly likely that browser security settings such as HSTS and HPKP are active. Please refer to the following document: Method of Displaying CWP Page to a PC Attempting HTTP Communication

Why is the agent icon grayed out in the Web Console's Node Management screen?

• The agent icon appears gray in the Web Console's node list when the Policy Server and agent are not communicating, or when the agent is not running.

Why can't domain information be collected in an Agentless environment?

• If the Network Sensor's communication with NetBIOS, remote WMI, etc., of the endpoint is not smooth, collection will not occur.

Why is the endpoint hostname not collected in an Agentless environment?

• The Network Sensor monitors the endpoint's hostname in real-time. If DHCP, netbios.ns, netbios-dgm, or MDNS services are not monitored, the hostname is not collected.

Why is endpoint information not collected in an Agentless environment?

• There are some endpoints where WMI information cannot be collected due to a DCOM version issue in the Windows 10 2004 release. You can receive temporary measures through the Technical Support Center.

Why do I see many "Database Duplicated" logs in the audit logs?

• These are DB warning logs that appear when attempting to re-add data that already exists in the database. If they appear repeatedly, you can receive support through the Technical Support Center.

I am in an Agentless environment, but the enforcement policy has an "Agent Not Installed Block" policy.

• Default enforcement policies are created based on environments where the Agent is installed. In environments where the Agent is not installed, you should create/delete and use policies appropriate for your environment.

Is RAID configuration possible?

• RAID 0,1 configuration is possible by adding a separate RAID card (ASR-8405E v2). For more details, please contact the Sales Department.

What is the update cycle for operational information data (Genian data)?

• Operational information data automatically updates at the configured cycle if you set the check cycle in Web Console > Settings > Other Settings > Operational Information Auto Update Settings and turn the Auto Update item to On at the bottom. anaging System Software

How should wireless LAN AP SSID be collected?

• Please refer to the following document: Controlling WLAN

What is the method to control endpoint wireless LAN access?

• Endpoint wireless LAN access control can be performed in two ways: disabling the wireless network adapter (Controlling Network Interface) and restricting wireless LAN AP access using Controlling WLAN.

What is the method to control endpoints that use shared networks via wired/wireless connections?

• You can restrict it by using the Adhoc network connection policy in the risk detection policy (Understanding Anomaly Detection).

What is the method to control unnecessary administrator web access?

• You can forcibly terminate unnecessary access sessions using the session management function (Managing Administrator Connections).

How do I check the network connection status of a node?

• You can check by setting the node status check method (Configuring Node Network Connection Health Checks).

Can I access the Web Console using Active Directory user credentials?

• Yes, if authentication integration and information synchronization are configured. AD domain controller and database synchronization are required, and finally, AD users must be selected and configured in the Genians user database.
• External Authentication Server Settings
• LDAP

How do node type and platform classification work?

• Node type and platform classification are performed using operational data: NMDB (NMAP Database, Node Information Detection Data) and GPDB (Genian Platform Databases, Operating System Detection Data).
• GDPI

How do I collect agent logs?

• Right-click Agent Tray Icon -> Click Program Information -> Click Error Report -> Check C:GnAgentYYYYMMDDhhmmss.zip file.

Is it mandatory to proceed with the security compliance verification process after introducing the appliance?

• For products listed in the National Cyber Security Center's List of Verified Stable Products, security compliance verification can be omitted. Currently, NAC is registered as a security product for network segmentation and network access control.
• National Cyber Security Center

What is the difference between Node Action and Control Action?

• Node Action is an action plugin policy used in node policies, and Control Action is an action policy used in enforcement policies.
• Node Action can use all registered agent plugins, but Control Action can only use specified plugins.

An endpoint using a wireless network is detected as a different platform.

• This false positive occurs when mobile and PC devices change their MAC address to a RANDOM MAC, inadvertently using the OUI (Organizationally Unique Identifier) of a different manufacturer.
• The RANDOM MAC setting is located in the wireless profile details, and this issue can be resolved by setting the MAC address type to the endpoint's MAC. Wireless LAN User Devices Are Detecting as Wrong Platform