User Tools

Site Tools


biac:nac

Network Access Control ( NAC ) Requirements for access to Duke Health Networks

Duke has rolled out specific security requirements for access to the DHE networks. If you use VPN on a personal machine and need to connect to DHE servers ( ie: munin, cluster, etc ) then you are expected to meet specific requirements.

1) Device registered with NAC : NAC Registration
2) Have the NAC agent installed on your local computer
3) Have an approved anti-virus software ( crowdstrike is preferred )
4) Have an approved operating system version

You can read more about NAC here : https://nac.dhts.duke.edu/network-access-control-nac

Steps to get registered

1) Download and install the FortiNAC Agent

2) Find your WiFi Mac Address - Mac : System Preferences → Network → Wi-Fi → Advanced Button → Hardware Tab - Windows : Control Panel > Network and Internet > Network and Sharing Center → Network Connection → Click Details → Physical Address

3) Register your device at : NAC Registration

4) Install an approved anti-virus software:

Microsoft Windows Mac OSX
AvastAvast
Microsoft Windows Defender, built in Windows 10Bitdefender
AVG-2019 free

5) Approved Operating System versions:

Microsoft Windows Mac OSX
Windows 7 10.15-Catalina
Windows 8 11.0-Big Sur
Windows 10 12.0-Monterey

Verify

Connect to VPN, then open a browser and go to a Duke Site to verify.

Note that sometimes it takes a few seconds between launching the VPN and NAC verification, so if you try to immediately connect to a DHE server you may still be in a remediation network zone. Give it a few more seconds, or potentially reconnect to VPN if needed.

NAC on the DH1 wireless network

While on campus all NAC requirements above must be met to join the secured DH1 wireless network, which replaces clubs:
* NAC DH1 wireless
* please follow instructions for user-managed devices

biac/nac.txt · Last modified: 2022/11/18 16:08 (external edit)