UNETSHA is a plug-in for extending the Microsoft NAP platform’s security health check capabilities as well as its interoperability with third-party endpoint security solutions. It enables more granular network access control in enterprise-wide NAP implementations that include heterogeneous network terminals such as Windows, Linux and Mac OS X. UNETSHA can perform a variety of health check functions including quarantining user terminals that try to open specific ports that are used by worms, enforcing application patches, and sending warning messages to the terminals that do not have required software or run prohibited software such as P2P programs. These actions are based on examining file sizes, installed programs, process monitoring status, registry keys, components in INI files, etc.
UNETSHA also supports Windows Management Instrumentation (WMI), which is used to manage the configuration, status and operational aspects of hardware and software in Windows, and administrators can use these managed objects as NAP policy objects. With over 7,000 managed objects available, administrators can set up a vast number of different policy sets. By utilizing this feature, terminals using mass storage devices such as external HDDs or CD writers, or using unauthorized wireless network adapters, can be quarantined from the corporate network.
Application Examples

Administrators who want to add the following compliance rules to their network access policy can:

  • Quarantine PCs trying to open particular ports used by known worms.
  • Send a warning message to non-compliant users' terminals that are not running required software or are running banned software.
    • Required software: Security client, Groupware client ...
    • Banned software: P2P, Online trading, Gambling ...
  • Check and modify the registry value (or the INI file that contains configuration information) to enforce application patch installation.
  • Migrate NAQC in Windows Server 2003 to NAP in Windows Server 2008 to maintain legacy remote access control.
  • Control terminals with mass storage devices attached (CD writers or USB drives) to protect against information leaks.
  • Control terminals with shared folders to protect against information leaks.
  • Include heterogeneous terminals (i.e. Linux, Mac) in the Microsoft NAP platform.
  • Control terminals trying to connect to the wireless network to protect against information leaks.