Differences

This shows you the differences between two versions of the page.

--- biac:nac [2021/06/30 21:27] – [Network Access Control ( NAC ) Requirements for access to Duke Health Networks] cmp12
+++ biac:nac [2022/03/22 15:35] – cmp12
@@ Line 1: / Line 1: @@
-====== Network A
+====== Network Access Control ( NAC ) Requirements for access to Duke Health Networks ======
-ccess Control ( NAC ) Requirements for access to Duke Health Networks ======
 Duke has rolled out specific security requirements for access to the DHE networks.  If you use VPN on a personal machine and need to connect to DHE servers ( ie: munin, cluster, etc ) then you are expected to meet specific requirements.
-) Device registered with NAC : [[https://dukereg.duke.edu/|NAC Registration]]
+) Device registered with NAC : [[https://dukereg.duke.edu/|NAC Registration]]\\
+) Have the NAC agent installed on your local computer\\
-) Have the NAC agent installed on your local computer
+) Have an approved anti-virus software ( crowdstrike is preferred ) \\
-) Have an approved anti-virus software
+) Have an approved operating system version\\
-) Have an approved operating system version
 You can read more about NAC here : [[https://nac.dhts.duke.edu/network-access-control-nac]]
+====== Steps to get registered ======
+) Download and install the FortiNAC Agent
+^ Windows ^ OSX ^ Linux ^
+|[[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Windows/|FortiNAC.exe]]|[[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/OSX/FortiNAC%20Persistent%20Agent.dmg|FortiNAC.dmg]]| [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Linux/ | RHEL of Debian ]]|
+) Find your WiFi Mac Address
+ - Mac : System Preferences -> Network -> Wi-Fi -> Advanced Button -> Hardware Tab
+ - Windows : Control Panel > Network and Internet > Network and Sharing Center -> Network Connection -> Click Details -> Physical Address
-====== Windows ======
+) Register your device at : [[https://dukereg.duke.edu/|NAC Registration]]
-) Download and install the FortiNAC Agent : [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Windows/|FortiNAC.exe]]
+) Install an approved anti-virus software:
+^ Microsoft Windows ^ Mac OSX ^
+|[[https://www.avast.com/en-us/free-antivirus-download|Avast]]|[[https://www.avast.com/en-us/free-mac-security|Avast]]|
+|Microsoft Windows Defender, built in Windows 10|[[https://www.bitdefender.com|Bitdefender]]|
+|[[https://www.avg.com/en-us/free-antivirus-download|AVG-2019 free]]|
-) Register your device at : [[https://dukereg.duke.edu/|NAC Registration]]
-) Install an approved anti-virus software ( Crowdstrike ( preferred ), Avast, BitDefender, Microsoft Windows Defender ) : [[https://shadow.biac.duke.edu/Network_Requirements/Crowdstrike/Windows/|Crowdstrike]]
+) Approved Operating System versions:
-) Approved Windows versions:
+^ Microsoft Windows     ^ Mac OSX ^
- - Windows 7
+| Windows 7    | 10.14-Mojave|
- - Windows 8
+| Windows 8    | 10.15-Catalina|
- - Windows 10
+| Windows 10   | 11.0-Big Sur|
+| |12.0-Monterey|
-====== Mac OSX ======
-) Download and install the FortiNAC Agent : [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/OSX/FortiNAC%20Persistent%20Agent.dmg|FortiNAC.dmg]]
+==== Verify ====
-) Register your device at : [[https://dukereg.duke.edu/|NAC Registration]]
+Connect to VPN, then open a browser and go to a Duke Site to verify.\\
-) Install an approved anti-virus software ( Crowdstrike ( preferred ), Avast, BitDefender : [[https://shadow.biac.duke.edu/Network_Requirements/Crowdstrike/OSX/|Crowdstrike]]
+Note that sometimes it takes a few seconds between launching the VPN and NAC verification, so if you try to immediately connect to a DHE server you may still be in a remediation network zone.  Give it a few more seconds, or potentially reconnect to VPN if needed.
-) Mac OS has to be one of the following:
- - 10.11-El Capitan
- - 10.12-Sierra
- - 10.13-High Sierra
- - 10.14-Mojave
- - 10.15-Catalina
- - 11.0-Big Sur
-====== Linux ======