User Tools

Site Tools


biac:nac

Network Access Control ( NAC ) Requirements for access to Duke Health Networks

Duke has rolled out specific security requirements for access to the DHE networks. If you use VPN on a personal machine and need to connect to DHE servers ( ie: munin, cluster, etc ) then you are expected to meet specific requirements.

1) Device registered with NAC : NAC Registration
2) Have the NAC agent installed on your local computer
3) Have an approved anti-virus software ( crowdstrike is preferred )
4) Have an approved operating system version

You can read more about NAC here : https://nac.dhts.duke.edu/network-access-control-nac

Steps to get registered

1) Download and install the FortiNAC Agent

2) Find your WiFi Mac Address
- Mac : System Preferences → Network → Wi-Fi → Advanced Button → Hardware Tab
- Windows : Control Panel > Network and Internet > Network and Sharing Center → Network Connection → Click Details → Physical Address

3) Register your device at : NAC Registration

4) Install an approved anti-virus software:

Microsoft Windows Mac OSX
AvastAvast
Microsoft Windows Defender, built in Windows 10Bitdefender
AVG-2019 free

5) Approved Operating System versions:

Microsoft Windows Mac OSX
Windows 7 10.11-El Capitan
Windows 8 10.12-Sierra
Windows 10 10.13-High Sierra
10.14-Mojave
10.15-Catalina
11.0-Big Sur

Verify

Connect to VPN, then open a browser and go to a Duke Site to verify.

Note that sometimes it takes a few seconds between launching the VPN and NAC verification, so if you try to immediately connect to a DHE server you may still be in a remediation network zone. Give it a few more seconds, or potentially reconnect to VPN if needed.

biac/nac.txt · Last modified: 2021/07/21 15:08 by cmp12