Novell ZENworks Network Access Control can perform tests through firewalls on both managed and unmanaged endpoints.
The following sections contain more information:
Typically, a managed endpoint’s firewall is controlled with the Domain Group Policy for Windows, or a central policy manager for other firewalls. In this case, the network administrator opens up the agent port or agentless ports only to the Novell ZENworks Network Access Control server using the centralized policy.
If the Domain Group Policy is not used for Windows endpoints, the appropriate ports are opened during the agent installation process by the Novell ZENworks Network Access Control installer.
For unmanaged endpoints, the NAC Agent and the ActiveX control test methods automatically open the necessary ports for testing.
End-users connecting with Windows XP, but a non-SP2 firewall (such as Norton) must configure that firewall to allow connection to Novell ZENworks Network Access Control on port 1500, or the installation of the agent fails.
See the following sections for instructions: