10.1. Operating Modes

Operating modes are different ways that the enforcement point can behave when controlling user access. NAC solutions can operate in two modes.

10.1.1. Evaluate only

The evaluate-only mode allows you to examine endpoints, create access policies, and log data without actually changing access to network resources.

You may find this mode useful for several reasons:

  • Regulatory compliance: To meet regulatory compliance requirements, you may want only to log who has access to resources, when they log in, what software they have running on their machine, and so on. You can create an audit trail that meets several of the regulatory compliance stipulations. For example, you can log who had access to the datacenter, including the users' names and IP addresses. With some NAC solutions on the market, you can also log what traffic went to which server in the datacenter. If there's a question about a server or resource being accessed, you can refer back to the log data and identify the user, what machine he or she was using, and so on.

  • Learning your network: See how NAC would change user access to resources without actually changing that access. When you start to deploy NAC, evaluate-only mode can let you figure out which users might have problems getting on the network before you actually break their network access. Using evaluate-only mode lets you locate all the access ...
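As an added illustration (not code from the book or from any NAC product), the sketch below evaluates a posture policy in evaluate-only mode: every endpoint keeps its access, and each audit record notes what the policy would have decided. The required-software policy, the field names, the "enforce" mode name, and the sample endpoints are all assumptions constructed for the example.

```python
import json
from datetime import datetime, timezone

# Hypothetical policy: software that must be running for datacenter access.
REQUIRED_SOFTWARE = {"antivirus", "host-firewall"}

def evaluate(endpoint):
    """Return (compliant, missing) for one endpoint posture record."""
    missing = sorted(REQUIRED_SOFTWARE - set(endpoint["software"]))
    return (not missing, missing)

def decide(endpoint, resource, mode="evaluate-only", now=None):
    """Evaluate the policy and return an audit record with the decision.

    In evaluate-only mode access is never changed; the record keeps
    what the policy would have decided had it been enforced.
    """
    compliant, missing = evaluate(endpoint)
    granted = True if mode == "evaluate-only" else compliant
    return {
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "user": endpoint["user"],
        "ip": endpoint["ip"],
        "resource": resource,
        "software": sorted(endpoint["software"]),
        "mode": mode,
        "policy_result": "allow" if compliant else "deny",
        "missing": missing,
        "access_granted": granted,
    }

def would_break(records):
    """Users who have access now but would lose it under enforcement."""
    return sorted({r["user"] for r in records
                   if r["access_granted"] and r["policy_result"] == "deny"})

# Constructed sample endpoints (not real data).
ENDPOINTS = [
    {"user": "alice", "ip": "10.0.5.21", "software": ["antivirus", "host-firewall"]},
    {"user": "bob", "ip": "10.0.5.37", "software": ["antivirus"]},
    {"user": "carol", "ip": "10.0.6.4", "software": []},
]

if __name__ == "__main__":
    log = [decide(e, "datacenter") for e in ENDPOINTS]
    for rec in log:
        print(json.dumps(rec))
    print("would lose access under enforcement:", would_break(log))
```

The same records serve both uses described above: the full log is the audit trail, and `would_break` lists the users to remediate before access is actually restricted.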
