Installing Network Sensor

The Network Sensor is installed on the user's internal network and collects information, which is then sent to the Policy Server. Depending on your network configuration, you may need to install one or more logical / physical Network Sensors.

Hardware Preparation

You can install the Network Sensor on a physical system or a virtual system.

Physical Appliance

For testing and small-scale deployments, you can use general Intel servers such as HP, Dell, or Mini PCs.

Virtual Machine

You can install the Network Sensor on a virtual machine. Various hypervisors are supported.

Note

Even if you are using a cloud version, the Network Sensor must be installed on your internal network.

Network Connection Preparation

Genian NAC requires a network connection with one or more static IP addresses.

The Network Sensor must monitor broadcast packets (ARP, DHCP, uPNP, etc.) spread across the network and must be connected to all segments (broadcast domains) you intend to manage.

If you have a switch configured with VLANs, you can set up an 802.1Q trunk port to monitor multiple networks with a single physical interface.

If you are installing the Network Sensor in a virtual environment, the VM (Sensor) must be able to communicate directly with all segments you wish to monitor and control.

Note

If you are using a virtual machine, you must select the network interface type in Bridge mode.

To collect wireless LAN information, the Network Sensor must have a compatible wireless network adapter installed. Refer to the document below:

• Wireless Adapter Compatibility

Access port

If you are monitoring a single network via a switch Access Port, no additional switch configuration is required. If you are installing the Network Sensor on a system with two or more NICs, you can monitor multiple segments via access ports.

Trunk Port

To monitor multiple VLANs on a single interface, you must set the switch port as a Trunk Port using the 802.1Q protocol. Below are examples of setting up a Trunk Port 802.1Q on Cisco and HP switches.

Cisco switch configuration example

Cisco(config)#interface gi1/0/48
Cisco(config-if)#switchport trunk encapsulation dot1q
Cisco(config-if)#switchport mode trunk

HP switch configuration example (creating port 48 as a tagged interface)

Procurve(config)#vlan 100
Procurve(config)#tagged 48
Procurve(config)#vlan 200
Procurve(config)#tagged 48

Network Sensor Installation

The installation process is the same as the Policy Server installation. However, in installation step 2, you must select Network Sensor 2.

Refer to Installing Policy Server

• If you are using a Sensor Installation Token (refer to configuring-policy-server-connection-with-token), please enter the token value using the CLI node-server token command.

Initial Configuration

The initial system configuration becomes the default setting for all GENIAN devices registered after the system is configured. Through this, the initial settings are automatically reflected, without needing to separately change the configuration and network sensor settings of newly registered Network Sensors.

• Automatically Setting Appliance Preferences
• Automatically Setting Appliance Sensor Settings