ARCHIVED: Use OnGuard for students who need direct network access to databases and/or remote desktop
On this page:
Direct network access for students
For security purposes, access to certain protocols (for example, remote desktop, direct access to databases) are not normally allowed for students on the IU network. If you need access to such services, access may be available via IUanyWare, or an exception may be granted by following both these steps:
- Email the University Information Policy Office (UIPO) requesting an exception for student wireless access, including the reason you need the exception.
- After UIPO notifies you that your exception has been granted, you will then need to install and run ClearPass Onguard, available from IUware.
Install and run ClearPass OnGuard
After installation, OnGuard will run a health check on your system; either a "healthy" or an "unhealthy" result will be displayed. If unhealthy, a message will be display as to the cause(s).
- Healthy will grant your exception
- Unhealthy will not grant the exception, but you will be given limited wireless access. You will then need to take measures to fix the reasons for the unhealthy state, and then re-run OnGuard.
Windows
- Download the ClearPass OnGuard client for Windows.
- Double-click the
.exe
file to open it. - When the installer window opens, select your language, and then click .
- The next window is the introduction to the Clearpass OnGuard set up. Click .
- Read the end user license agreement. If you accept it, check the box, and then click .
- After installing, a window will pop up letting you know that the installation has finished. Check the box for , and then click .
- The ClearPass OnGuard window will appear, showing that it is collecting the health information about your machine (firewall, updates, and antivirus).
- When the health check is completed, you will see a message indicating whether your system is healthy or unhealthy.
macOS
- Download the ClearPass OnGuard client for Mac.
-
Double-click the
.dmg
file to open it, and then double-click the icon.If you receive an error message indicating the file can't be opened because it is from an unidentified developer, follow the steps in About the application firewall before continuing.
- When the installer opens, click .
- Read the end user license agreement. If you accept, click .
- If you are prompted for your computer's username and password, enter your credentials. Click .
- A window will pop up to let you know when the installation has finished. Click .
- The ClearPass OnGuard window will appear, showing that it is collecting the health information about your machine (firewall, updates, and antivirus).
- When the health check is completed, you will see a message indicating whether your system is healthy or unhealthy.
Linux
Download the ClearPass OnGuard client for Linux.
OnGuard details
ClearPass OnGuard performs vital endpoint health checks and posture assessments automatically to ensure that all laptops are fully compliant with industry and internal requirements before they connect to wired and/or wireless networks.
In addition to system-wide per-session NAC protection, you can specify whether to allow or deny peer-to-peer applications or USB storage devices. Network access can be denied if storage is not encrypted and IT can be sure that laptops brought to the help desk have the latest patches and hot fixes.
You can automatically remediate or quarantine endpoints that are not in compliance with corporate posture policies. Using the administrator dashboard, it's easy to keep an eye out for non-compliant devices, users, and the reasons for non-compliance.
Real-time endpoint compliance
Depending on operating system type, OnGuard performs the following level of posture and health checks:
Windows | macOS | |
---|---|---|
Installed applications | X | X |
Antivirus | X | X |
Antispyware | X | X |
Firewall | X | X |
Disk encryption | X | X |
Network connections | X | X |
Processes | X | X |
Patch management | X | X |
Peer to peer | X | X |
Services | X | X |
Virtual machines | X | X |
Windows hotfixes | X | |
USB devices | X | X |
File check | X | X |
System requirements
Windows:
- Support for Windows 10 and Windows 8.x
- Can be run as a service
Mac:
- Support for macOS
Linux:
- Support for Red Hat Enterprise Linux 4 or above
- Ubuntu 12.x LTS and 14.x LTS
- Community Enterprise Operation System (CentOS) 4 or above
- Fedora Core 5 or above
- SUSE Linux 10.x
Support agents
OnGuard persistent agent | OnGuard dissolvable agent | Microsoft's NAP agent | |
---|---|---|---|
Windows | X | X | X |
macOS | X | X | |
Linux* | X* | X |
*Persistent agent supported on Ubuntu endpoints running 12.x LTS or 14.x LTS
This is document bfni in the Knowledge Base.
Last modified on 2020-03-06 14:14:29.