3Com Switch 7750 Configuration Guide
49 EAD CONFIGURATION
Introduction to EAD
Endpoint admission defense (EAD) is an attack defense solution that monitors
endpoint admission. It enhances the active defense ability of endpoints and
prevents viruses and worms from spreading on the network. Through cooperation
among the security client, security policy server, access device, and antivirus
software, EAD confines endpoints that fail to comply with the security
requirements to the quarantine area, thereby preventing hazardous terminals from
compromising network security.
With EAD enabled, the switch determines the validity of the session control
packets it receives according to their source IP address. Only session control
packets sent from the authentication server and the security policy server are
regarded as valid.
Basic EAD functions are implemented through cooperation among the security
client, security cooperation device (switch), security policy server, antivirus
server, and patch server, as shown in Figure 133.
Figure 133 EAD basic principle
Typical Network Application of EAD
The EAD scheme checks the security status of the user and enforces the user
access control policy according to the result. Therefore, non-compliant users
are isolated and are forced to upgrade virus database