UNETSHA 3.5, plug in for MS Network Access Protection for Win(XP, Vista, 7), Lin(Fedora, Ubuntu), Mac OSX

Created by Sung Joon Ahn (SJ Namo, Inc.) on October 12, 2009

UNETSHA is a plug-in program that will extend the Microsoft NAP platform’s security health check capabilities as well as its interoperability with third-party endpoint security solutions. It enables more granular network access control in enterprise-wide NAP implementations that include heterogeneous network terminals such as Windows, Linux and Mac OS X.

UNETSHA can perform a variety of health check functions including quarantining user terminals that try to open specific ports that are used by worms, enforcing application patches, and sending warning messages to the terminals that do not have required software or run prohibited software such as P2P programs. These actions are based on examining file sizes, installed programs, process monitoring status, registry keys, components in INI files, etc. UNETSHA also supports Windows Management Instrumentation (WMI) which is used to manage the configuration, status and operational aspects of hardware and software in Windows, and administrators can use these managed objects as NAP policy objects. Through the use of over 7,000 managed objects, administrators can set up a vast number of different policy sets. By utilizing this feature, terminals using mass storage devices such as external HDDs, CD writers or unauthorized wireless network adapters can be quarantined from the corporate network

Providing Windows, Linux and Mac NAP Agents

When implementing NAP on your network, you may have to deal with not only Windows terminals, but also Linux and Mac terminals. UNETSHA provides Windows, Linux and Mac agents for a seamless network access protection platform in a heterogeneous environment.

Extending NAP’s Security Health Check Capabilities

The default NAP policy is enforced on all PCs in the same domain. This policy may not support policies that are differentiated based on the actual user groups. UNETSHA supports login ID based policy enforcement for exceptional cases to make NAP policy enforcement more flexible.

Supporting Unlimited Policy Objects with WMI

With over 7,000 managed objects provided by Windows Management Instrumentation, administrators can use software and hardware objects to control the network access. For example, terminals using external mass storage devices or unauthorized wireless network adapters can be quarantined from the corporate network.

Migrating NAQC to Microsoft NAP

Network Access Quarantine Control (NAQC) is a set of services and utilities available for Windows Server 2003 that lets you prevent remote users from connecting to your network with machines that are not up to date and quarantine those users in a secured area. The migration of compliance checks is critical in the transition from the NAQC environment to the NAP environment. UNETSHA supports migration from NAQC to NAP through script-level compatibility when you make a NAP policy.

Easy Updates for NAP Agents

UNETSHA allows administrators to manage agent update packages from the main management console without the need for any additional applications. The NAP agents are updated automatically according to the operating system when the network is accessed.

Supporting OS Client

UNETSHA is currently supporting the following OSs:

Windows Server 2008

Windows 7, Vista, XP with SP3

Linux (Fedora 6/7/8/9/10/11, Ubuntu 7.x/8.x/9.x)

Mac OSX 10.5

Supporting Network Environment

802.1x, DHCP, TS, Wireless

Sung's blog
Login or register to post comments
38 reads

		UNETSHA 3.5, plug in for MS Network Access Protection for Win(XP, Vista, 7), Lin(Fedora, Ubuntu), Mac OSX Created by Sung Joon Ahn (SJ Namo, Inc.) on October 12, 2009 UNETSHA is a plug-in program that will extend the Microsoft NAP platform’s security health check capabilities as well as its interoperability with third-party endpoint security solutions. It enables more granular network access control in enterprise-wide NAP implementations that include heterogeneous network terminals such as Windows, Linux and Mac OS X. UNETSHA can perform a variety of health check functions including quarantining user terminals that try to open specific ports that are used by worms, enforcing application patches, and sending warning messages to the terminals that do not have required software or run prohibited software such as P2P programs. These actions are based on examining file sizes, installed programs, process monitoring status, registry keys, components in INI files, etc. UNETSHA also supports Windows Management Instrumentation (WMI) which is used to manage the configuration, status and operational aspects of hardware and software in Windows, and administrators can use these managed objects as NAP policy objects. Through the use of over 7,000 managed objects, administrators can set up a vast number of different policy sets. By utilizing this feature, terminals using mass storage devices such as external HDDs, CD writers or unauthorized wireless network adapters can be quarantined from the corporate network Providing Windows, Linux and Mac NAP Agents When implementing NAP on your network, you may have to deal with not only Windows terminals, but also Linux and Mac terminals. UNETSHA provides Windows, Linux and Mac agents for a seamless network access protection platform in a heterogeneous environment. Extending NAP’s Security Health Check Capabilities The default NAP policy is enforced on all PCs in the same domain. This policy may not support policies that are differentiated based on the actual user groups. UNETSHA supports login ID based policy enforcement for exceptional cases to make NAP policy enforcement more flexible. Supporting Unlimited Policy Objects with WMI With over 7,000 managed objects provided by Windows Management Instrumentation, administrators can use software and hardware objects to control the network access. For example, terminals using external mass storage devices or unauthorized wireless network adapters can be quarantined from the corporate network. Migrating NAQC to Microsoft NAP Network Access Quarantine Control (NAQC) is a set of services and utilities available for Windows Server 2003 that lets you prevent remote users from connecting to your network with machines that are not up to date and quarantine those users in a secured area. The migration of compliance checks is critical in the transition from the NAQC environment to the NAP environment. UNETSHA supports migration from NAQC to NAP through script-level compatibility when you make a NAP policy. Easy Updates for NAP Agents UNETSHA allows administrators to manage agent update packages from the main management console without the need for any additional applications. The NAP agents are updated automatically according to the operating system when the network is accessed. Supporting OS Client UNETSHA is currently supporting the following OSs: Windows Server 2008 Windows 7, Vista, XP with SP3 Linux (Fedora 6/7/8/9/10/11, Ubuntu 7.x/8.x/9.x) Mac OSX 10.5 Supporting Network Environment 802.1x, DHCP, TS, Wireless fedora \| Health Check \| Linux \| Mac OSX \| NAP \| Network Access Control \| Network Access Protection \| Network Compliance \| SHA \| SHV \| Ubuntu \| Windows 7 \| Windows Server 2008 Sung's blog Login or register to post comments 38 reads
		© Copyright 1999-2009 EDUCAUSE Need Help? \| Feedback \| Privacy Policy
	Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.