Inline mode — An IP address is assigned to the endpoint outside of Novell ZENworks Network Access Control. When the end-user attempts to connect to the network, Novell ZENworks Network Access Control either blocks access or allows access by adding the endpoint IP address to the internal firewall.

DHCP mode — New end-users boot their computers. The boot process looks for an IP address and, because they are new end-users and no information is known about the endpoints, a temporary quarantined IP address is assigned. The end-users log in on the Windows login screen. The end-users start IE and Novell ZENworks Network Access Control attempts to test the endpoint. The endpoints either retain the quarantined IP address, or are assigned a non-quarantined network IP address based on the testing result.

802.1X mode — An endpoint attempts to connect to the network. The end-user’s identity is verified via an authentication server. If the endpoint is not authenticated, it is quarantined (allowed access to a limited VLAN). If the endpoint is authenticated, it is tested by Novell ZENworks Network Access Control. If the endpoint fails the Novell ZENworks Network Access Control testing, it is quarantined (allowed access to a limited VLAN). If the endpoint passes the Novell ZENworks Network Access Control testing, it is allowed access to the network (VLAN).