Installing Policy Server

Choose Deployment Type

Policy Server can be installed in two different ways based on the size of deployment, or security considerations.

All-in-One (Policy Server + Network Sensor)
In a small network, a system can function as a policy server and network sensor.
Policy Server Only
System only work for Policy Server functionality. In general, on a large network, separate the policy server and network sensor for performance and reliability. At least two systems are required for this deployment type.

Prepare Hardware

You can install Policy Server on a physical machine or virtual machine.

Physical Machine

You can use generic intel server like HP, Dell or Mini PC for testing and small deployment. If you have any hardware comparability issue, please contact us

Minimum Hardware Requirements

  • Processor: Intel or AMD Dual core
  • Memory: 4GB (8GB Recommended)
  • Storage: 120GB
  • NIC: 1+ Wired Network Interface, Wireless Interface (Optional)
Virtual Machine
You can install Policy Server on virtual machine. We support various hypervisors like VMWare, VirtualBox, XenServer.
Genians provides cloud-managed services that do not require users to manually install and manage policy servers. For more information, please refer to the

For more information about sizing, See Sizing Software and Hardware.

Prepare Network Connection

Genian NAC requires a network connection with at least one static IP address for management. If you are installing in an All-in-One configuration, you can use the management interface with an interface for network sensors.

Genian NAC needs to monitor network broadcast packets (ARP, DHCP, uPNP...), it must be connected to all the segments (broadcast domains) that you want to manage. If you have a switch configured with VLANs, you can set up an 802.1Q trunk port to monitor multiple networks with one physical interface.

In case of Cisco switch

Cisco(config)#interface gi1/0/48
Cisco(config-if)#switchport trunk encapsulation dot1q
Cisco(config-if)#switchport mode trunk

In case of HP switch (make port 48 to tagged interface)

Procurve(config)#vlan 100
Procurve(config)#tagged 48
Procurve(config)#vlan 200
Procurve(config)#tagged 48

If the network you want to manage is connected via WAN, you need a physically separated network sensor for each location, and their broadcast domains.


If you are using a virtual machine on your system, be sure to select the network interface type in Bridge mode.
If you try to use VMWare ESXi with 802.1Q trunk port, you need to enable VGT mode. See

It is recommended that the Wireless Network Adapter be installed in order for the network sensor to collect Wireless LAN information. See Wireless Adapter Compatibility

Download Software

Download the Policy Server ISO file from the download page and create a CD-ROM or bootable USB for physical machine installation


The Genian NAC installation contains the linux operating system. You do not need to install a separate OS.

Installing Policy Server

  1. Boot up your machine

    • Insert the CD-ROM or bootable USB flash drive into your physical machine
    • Change the boot sequence to boot from the CD-ROM or USB drive
    • On virtual machine, select ISO file for installation media
  2. Type “1” for Genian NAC Policy Server + Sensor (or type "2" for install additional network sensor)

  1. Type “i” to proceed
  1. Reboot your system
  • Remove the installation media (e.g. USB)
  • Press Enter to reboot

Initial Configuration

After the system reboots, you need to do the initial setup.

  1. Create admin account for Web UI and SSH connection
  • Enter superadmin account name. (default is admin)
  • Enter superadmin password
  1. Set up a system time zone and NTP server
  • Enter number of your continent and city
  • Enter NTP server IP or FQDN (default is
../_images/initialsetup-step-2.png ../_images/initialsetup-step-3.png ../_images/initialsetup-step-4.png
  1. Select connection type


Please make sure that the network connection is connected to the first interface (eth0) of the system.
  • In case the interface eth0 is connected access port (regular port)
    • Type "n"
  • In case the interface eth0 is connected to 802.1Q trunk port
    • Type "y"
    • Enter VLAN IDs for activate NAC service (Concatenated by comma or A-B for range. e.g: 10,20-30)
    • Enter VLAN ID for management interface
    • VLAN Sensor interfaces will be set as DHCP Clients by default.
    • To define static IP's for VLAN interfaces after the initial installation, see: Configuring Interface IP Addresses.
  1. Network configuration

This step is to set the interface IP address for management.

  • Enter IP address
  • Enter netmask
  • Enter default gateway
  • Enter DNS IP addresses (Concatenated by comma)
  1. Enter Policy Server IP or FQDN.


This step appears only if you selected Network Sensor during ISO installation step 2.
  • IP Address (e.g.
  • Cloud Site Name (e.g.
  1. Verify all information
  • Everythings correct. Type “y” to start
  • Something wrong. Type "n" to restart configuration
  1. Login to Genian NAC management UI. See Administration Console

Unsupported Hardware

If you find any device driver unsupported problems. please report to us.


If the storage device or network interface is not recognized when installing the virtual machine, please change the storage type to SATA or change the network interface driver to Intel series such as E1000.