With the Symantec Network Access Control (SNAC) product, how does Enforcement manage computers without the SEP or SNAC client installed?
Symantec Network Access Control can enforce security policies only for the systems that have Symantec clients installed. The security stance of other vendors cannot be enforced. Any enforcement by other vendors can disrupt the network.
The following enforcement methods are available:
You can disable 802.1x on selected ports. However, to disable by selected ports allows anyone to connect by using the port, so it is not recommended. Many vendors have special provisions for the VoIP phones that can automatically move these devices to special voice VLANs.
Using MAB (MAC Authentication Bypass) with the Symantec LAN Enforcer appliance