Brain Imaging & Analysis Center

User Tools

Site Tools

You are here: biac » biac » nac
biac:nac

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
biac:nac [2021/06/30 21:22]
cmp12 		biac:nac [2022/08/31 17:30]
cmp12 [Steps to get registered]
Line 3: Line 3:
 Duke has rolled out specific security requirements for access to the DHE networks.  If you use VPN on a personal machine and need to connect to DHE servers ( ie: munin, cluster, etc ) then you are expected to meet specific requirements. Duke has rolled out specific security requirements for access to the DHE networks.  If you use VPN on a personal machine and need to connect to DHE servers ( ie: munin, cluster, etc ) then you are expected to meet specific requirements.
  
-1) Device registered with NAC : [[https://dukereg.duke.edu/|NAC Registration]] +1) Device registered with NAC : [[https://dukereg.duke.edu/|NAC Registration]]\\ 
-2) Have the NAC agent installed on your local computer +2) Have the NAC agent installed on your local computer\\ 
-3) Have an approved anti-virus software +3) Have an approved anti-virus software ( crowdstrike is preferred ) \\ 
-4) Have an approved operating system version  +4) Have an approved operating system version\\  
  
 You can read more about NAC here : [[https://nac.dhts.duke.edu/network-access-control-nac]] You can read more about NAC here : [[https://nac.dhts.duke.edu/network-access-control-nac]]
  
  
 +====== Steps to get registered ======
  
-====== Windows ====== 
  
-1) Download and install the FortiNAC Agent [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Windows/|FortiNAC.exe]]+1) Download and install the FortiNAC Agent 
 +^ Windows ^ OSX ^ Linux ^ 
 +|[[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Windows/|FortiNAC.exe]]|[[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/OSX/FortiNAC%20Persistent%20Agent.dmg|FortiNAC.dmg]]| [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/Linux/ | RHEL of Debian ]]|
  
-2) Register your device at [[https://dukereg.duke.edu/|NAC Registration]]+2) Find your WiFi Mac Address 
 + - Mac System Preferences -> Network -> Wi-Fi -> Advanced Button -> Hardware Tab 
 + - Windows Control Panel > Network and Internet > Network and Sharing Center -> Network Connection -> Click Details -> Physical Address 
  
-3) Install an approved anti-virus software ( Crowdstrike ( preferred ), Avast, BitDefender, Microsoft Windows Defender ) : [[https://shadow.biac.duke.edu/Network_Requirements/Crowdstrike/Windows/|Crowdstrike]]+3) Register your device at : [[https://dukereg.duke.edu/|NAC Registration]]
  
-4) Approved Windows versions+4) Install an approved anti-virus software
- Windows 7 +^ Microsoft Windows ^ Mac OSX ^ 
- Windows 8 +|[[https://www.avast.com/en-us/free-antivirus-download|Avast]]|[[https://www.avast.com/en-us/free-mac-security|Avast]]| 
- - Windows 10+|Microsoft Windows Defender, built in Windows 10|[[https://www.bitdefender.com|Bitdefender]]| 
 +|[[https://www.avg.com/en-us/free-antivirus-download|AVG-2019 free]]|
  
-====== Mac OSX ====== 
  
-1Download and install the FortiNAC Agent [[https://shadow.biac.duke.edu/Network_Requirements/NAC%20Agent/OSX/FortiNAC%20Persistent%20Agent.dmg|FortiNAC.dmg]]+5Approved Operating System versions:
  
-2) Register your device at : [[https://dukereg.duke.edu/|NAC Registration]]+^ Microsoft Windows     ^ Mac OSX ^ 
 +| Windows 7    | 10.15-Catalina| 
 +| Windows 8    | 11.0-Big Sur| 
 +| Windows 10   | 12.0-Monterey|
  
-3) Install an approved anti-virus software ( Crowdstrike ( preferred ), Avast, BitDefender : [[https://shadow.biac.duke.edu/Network_Requirements/Crowdstrike/OSX/|Crowdstrike]] 
  
-4) Mac OS has to be one of the following: +==== Verify ====
- - 10.11-El Capitan +
- - 10.12-Sierra +
- - 10.13-High Sierra  +
- - 10.14-Mojave +
- - 10.15-Catalina +
- - 11.0-Big Sur+
  
-====== Linux ======+Connect to VPN, then open a browser and go to a Duke Site to verify.\\
  
 +Note that sometimes it takes a few seconds between launching the VPN and NAC verification, so if you try to immediately connect to a DHE server you may still be in a remediation network zone.  Give it a few more seconds, or potentially reconnect to VPN if needed.
 +
 +
 +
 +====== NAC on the DH1 wireless network ======
 +
 +While on campus all NAC requirements above must be met to join the secured DH1 wireless network, which replaces clubs:\\
 + * [[https://nac.dhts.duke.edu/nac-dh1-wireless| NAC DH1 wireless]]\\
 + * please follow instructions for user-managed devices\\
  
biac/nac.txt · Last modified: 2023/04/07 20:47 by cmp12

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki