I have few question on SNAC.
1. I have read few article on SNAC, can I say it is a network enforcer? As I know it is a hardware that place in the network and do we need configure the policy on this device or the policy will auto pull to this device from SEPM? If so but i din see the setting that push the policy or config in SEPM 12.1.x.
2. In SEPM 12.1.x already have the integrity, do we still need SNAC?
3. If the client have not install with SEP, how SEPM 12.1.x perform the intergrity check?
Hope some one really can answer on this and provide some refrence.
Thank in advance.
SEP 12.1.5 has the host integrity feature built-in. I would suggest getting to 12.1.6 MP4 (latest version) so you can utilise it.
Symantec network access control(SNAC) is a software based enforcer it does it with the help of its end point clients SEP.
1) I am not sure about the network enforcer as far as i know they have discontinued it. If you have the old enforcer appliance you can still manage the SNAC with SEPM, that the only way.
Note: Not sure if they have an updated product
2) As of SEPM 12.1.5 and above it is a built in feature,. The point in fact is if you have the enforcer you can prevent it from the network end.
3) For SNAC to work you need the SEP client but its your choice whether you want all the features of the AV to work along with host intergrity or just the host integrity installed, this can only be managed by a SEPM
Reference :- https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/7000/DOC7707/en_US/Installation_and_Administration_Guide_SNAC12.1.5.pdf?__gda__=1461182283_f5185f4d0f6d9a0699dc016ecf412c16
Hope it helps.