UNETSHA

UNETSHA is a plug-in to extend the security health check in Microsoft NAP platform and implements diverse security policy for network terminals allowing to use all the hardware and software components as security health check objects.

OVERVIEW

UNETSHA is a plug-in for extending the Microsoft NAP platform’s security health check capabilities as well as its interoperability with third-party endpoint security solutions. It enables more granular network access control in enterprise-wide NAP implementations that include heterogeneous network terminals such as Windows, Linux and Mac OS X.

UNETSHA can perform a variety of health check functions including quarantining user terminals that try to open specific ports that are used by worms, enforcing application patches, and sending warning messages to the terminals that do not have required software or run prohibited software such as P2P programs. These actions are based on examining file sizes, installed programs, process monitoring status, registry keys, components in INI files, etc. UNETSHA also supports Windows Management Instrumentation (WMI) which is used to manage the configuration, status and operational aspects of hardware and software in Windows, and administrators can use these managed objects as NAP policy objects. Through the use of over 7,000 managed objects, administrators can set up a vast number of different policy sets. By utilizing this feature, terminals using mass storage devices such as external HDDs, CD writers or unauthorized wireless network adapters can be quarantined from the corporate network.

FEATURE HIGHLIGHT

Providing Windows, Linux and Mac NAP Agents

When implementing NAP on your network, you may have to deal with not only Windows terminals, but also Linux and Mac terminals. UNETSHA provides Windows, Linux and Mac agents for a seamless network access protection platform in a heterogeneous environment.

Extending NAP’s Security Health Check Capabilities

The default NAP policy is enforced on all PCs in the same domain. This policy may not support policies that are differentiated based on the actual user groups. UNETSHA supports login ID based policy enforcement for exceptional cases to make NAP policy enforcement more flexible.

Supporting Unlimited Policy Objects with WMI

With over 7,000 managed objects provided by Windows Management Instrumentation, administrators can use software and hardware objects to control the network access. For example, terminals using external mass storage devices or unauthorized wireless network adapters can be quarantined from the corporate network.

Migrating NAQC to Microsoft NAP

Network Access Quarantine Control (NAQC) is a set of services and utilities available for Windows Server 2003 that lets you prevent remote users from connecting to your network with machines that are not up to date and quarantine those users in a secured area. The migration of compliance checks is critical in the transition from the NAQC environment to the NAP environment. UNETSHA supports migration from NAQC to NAP through script-level compatibility when you make a NAP policy.

Easy Updates for NAP Agents

UNETSHA allows administrators to manage agent update packages from the main management console without the need for any additional applications. The NAP agents are updated automatically according to the operating system when the network is accessed.


DIAGRAM

  • Health Check Object
    • Basic
      • Check Registry
      • Check Registry Key
      • Check File Exist
      • Check File Size
      • Check Create/Modify/Access time of File
      • Check File Checksum
      • Check Process Running
      • Check OS version
      • Check Port
      • Check Install Program
      • Check INI File
      • Check Firewall Service
      • Check Update Service
    • Advanced
      • Check NAQC rule
      • Check WMI Rule
  • Action Object
    • Windows
      • Allow/Deny Network Access
      • Add/Modify/Delete Registry Value
      • Add/Delete Registry
      • Add/Modify/Delete INI File
      • Key and its Value
      • Run/Kill Process