Menu Bar

The menu bar on the main window provides access to NAC Manager functions. For information on menu options available from right-click menus, see Right-Click Menu Options.

Click the graphic for more information.

File Menu

File > Database > Initialize NAC Manager Components: Allows you to initialize all NAC Manager components in the Extreme Management Center database. This removes all NAC Manager data elements from the database. For more information, see How to Initialize NAC Manager Database Components.

File > Database > Backup/Restore NAC Configuration: A database backup saves the active NAC Configuration to a specified location on the Management Center server workstation. If the server is remote, the configuration is saved to the default backup location. The backup saves all NAC Configuration data, but does not save end-system or health result data. Use the database restore to restore a saved NAC Configuration as the active configuration.

File > Generate Configuration Report (PDF): Use this menu option to automatically generate a summary report of the NAC configuration information for your Extreme Access Control deployment. The report includes a summary of your Access Control engines, NAC configurations, NAC named lists, NAC profiles, AAA configurations, RADIUS servers, and engine details.

File > Exit: Exits the application.

Tools Menu

Tools > Setup Wizard: Opens the Initial Setup Wizard which assists you with first-time engine setup and configuration.

Tools > Authorization/Device Access: Opens the Authorization/Device Access window where you can define users and groups and configure their access to features available in Management Center applications.

Tools > Server Information: Opens the Server Information window where you can view and configure certain Management Center Server functions, including management of client connections, locks, and licenses.

Tools > Synchronize with Console: Opens the Synchronize Gateways with Console window where you can synchronize the NAC Manager device database with Console's database.

Tools > Enforce All: Writes NAC configuration information to all Access Control engines.

Tools > End-System Operations > Search for End-Systems: Opens the Search for End-Systems window where you can search your NAC Manager database for end-systems that match the search criteria you select.

Tools > End-System Operations > Search for End-Systems by Assessment Results: Opens the Search for End-Systems by Assessment Results window where you can search your NAC Manager database for vulnerable end-systems based on their assessment results.

Tools > End-System Operations > Import End-System Information: Opens a window where you can select a file for importing end-system information. This allows you to create a file that lists up to four custom values per MAC address, and then import that file into NAC Manager so the custom values display in the End-Systems tab when the end-system connects. The information in the file must be listed in CSV format, one line per end-system:
02.0A.40.0B.01.44, value1, value2, value3, value4

Tools > End-System Operations > View End-System Counts: Opens a window where you can view the total number of current end-systems seen on each switch. Limit counts by specifying a time range, if desired.

Tools > End-System Operations > Remove End-Systems: Opens the Remove End Systems window where you can remove end-systems from the tables and charts in the End-Systems tab and the Statistics tab.

Tools > End-System Operations > Data Persistence: Opens a window where you can view estimated row counts for several tables displayed in NAC Manager. You can perform a one-time data cleanup for these tables or edit the Data Persistence options.

Tools > Management and Configuration > NAC Configurations: Opens the NAC Configuration window where you can view and edit the selected NAC configuration.

Tools > Management and Configuration > Advanced Configurations: Opens the Advanced Configuration window that provides a central location to view and manage the configuration parameters for all aspects of your Access Control system.

Tools > Management and Configuration > Rule Groups: Opens the Manage Rule Groups window where you can view and edit the defined rule groups and also add new rule groups for use in your NAC configuration.

Tools > Management and Configuration > NAC Profiles: Opens the Manage NAC Profiles window where you can view and edit the seven system-defined NAC profiles that define the authorization and assessment requirements for the end-systems connecting to the network. You can also use the window to define new profiles.

Tools > Management and Configuration > Assessment Settings: Opens the Manage Assessment Settings window where you can manage and configure the assessment servers performing the end-system assessments in your network.

Tools > Management and Configuration > Notifications: Opens the Manage Notifications window where you can view created notifications, and enable, add, edit, and test specific notification rules.

Tools > Management and Configuration > MAC Locks: Opens the Manage MAC Locks window that displays information about all the MAC addresses that are locked. You can also add or delete locked MAC addresses, or import MAC locks from a file.

Tools > Management and Configuration > End-System Zones: Opens the Manage End-Systems Zones window where you can view and define the authorized end-system zones and authorized rule groups that are configured for your NetSight user groups.

Tools > Management and Configuration > Data Center Fabric: Opens the Manage Data Center Fabric window. If your network uses the Data Center Manager (DCM) product, you can use this window to view a list of virtual/physical network configurations and how they map to the overall network and security configuration.

Tools > Registration Administration: Opens the Registration Administration web page where you can view registered devices and users, and manually add, delete, and modify users.

Tools > Identity and Access Dashboard: Opens the Control tab where you can access NAC Manager end-system data via Management Center.

Tools > Update Enterprise License: Allows you to apply a NAC Enterprise or Enterprise Assessment license to the Management Center server. For more information, see NAC Enterprise Licensing.

Tools > Options: Opens the Options window where you can set suite-wide options and NAC Manager options.

Applications Menu

Lets you launch other installed Management Center applications from NAC Manager. You can also customize the Applications menu to launch your own applications. For more information, see How to Add Applications to the Applications Menu.

Help Menu

Help > Topics: Opens the NAC Manager Help system.

Help > NetSight Tips and Tutorials: Opens your system's Web browser and takes you to the Management Center Tips and Tutorials where you can access Flash tutorials on the Management Center suite of products.

Help > Release Notes: Displays the NAC Manager Release Notes for the current release.

Help > Support Center: Opens the Extreme Networks Support website.

Help > Check for Updates: Allows you to update NAC Manager with the latest software patches. For more information, see Setting Web Update Options.

Help > Check for Assessment Updates: Opens the Updates Available window that lists any assessment software updates that are available for updating your on-board agent-less assessment servers in your Access Control engines.

Help > Getting Started: Displays the Getting Started help topic that provides the basic steps you must perform to begin using NAC Manager in your network.

Help > About This Window: Displays detailed information about the currently selected right-panel tab. This menu option serves the same function as the Help button on the toolbar.

Help > About NAC Manager: Displays the NAC Manager version and copyright information.

Right-Click Menu Options

The following menu options are only available from right-click menus. They are listed in alphabetical order.

Add Appliance Group: Opens a window where you can create an engine group and select the NAC Configuration specifying the authentication and assessment (scanning) requirements for the end-systems connecting to that group. An engine group is a "virtual container" that includes the Access Control engines, the switches in the network, and the NAC configuration utilized. Most NAC deployments only use one engine group configured for the network and in that case, the "engine group" is the All NAC Appliances folder in the left-panel tree. However, an example of a network that may require separate engine groups is a network in which there are remote offices that want completely different Access Control functionality than the main branch. These remote offices need to have their own Access Control engines in a separate group. In this case, the separate engine groups are listed in the left-panel tree.

Add MAC Lock: Opens the Add MAC Lock window where you can lock a MAC address to a specific switch or port on a switch so that the end-system can only access the network from that port or switch.

Appliance Group Properties: Opens the Appliance Property Editor. Please contact Extreme Networks Support for instructions on how to use this window.

Appliance Properties: Opens the Appliance Property Editor. Please contact Extreme Networks Support for instructions on how to use this window.

Appliance Settings: Opens the Appliance Settings window where you can access advanced configuration options for the selected engine or engine group.

Change Appliance Group: Lets you move an engine from one group to another.

Change Appliance Settings: Lets you change the engine settings for an engine group.

Clear Custom Information: Right-click on one or more end-system in the End-Systems tab and select this menu option to clear the custom information for those end-systems.

Delete Appliance: Lets you delete the selected engine from the NAC Appliances tab.

Delete Appliance Group: Lets you delete the selected engine group from the NAC Appliances tab.

Edit Appliance Settings: Opens the Edit Appliance Settings window that provides advanced configuration options for Access Control engines. NAC Manager comes with a default engine settings configuration. If desired, you can edit these default settings or you can define your own settings to use for your Access Control engines.

Edit Custom Information: Right-click on an end-system in the End-Systems tab and select this menu option to add or edit the custom information for that end-system.

Enforce: Lets you enforce to an individual Access Control engine.

Enforce Group: Lets you enforce to all the Access Control engines in a group.

Enforce Preview: Provides a preview of what is being enforced/updated on the engine.

Enforce Policy Manager Domain Configuration: For one or more switches in the Switches tab, this option lets you add or move a device to a Policy Manager domain and enforce the domain configuration to that device.

Launch CPU Utilization View: For one or more engines in the NAC Appliance tab, this option lets you open the Host Processor Load FlexView.

Launch Memory and Disk Space Utilization View: For one or more engines in the NAC Appliance tab, this option lets you open the Host Storage FlexView.

Launch MIB Tools: For a switch in the Switches tab, this option lets you launch the MIB Tools utility.

Launch Node Alias and Multi Auth View: For one or more switches in the Switches tab, this option lets you open the Node Alias and Multi Auth FlexView.

Launch RADIUS Client Information View: For one or more switches in the Switches tab, this option lets you open the RADIUS Client Information FlexView.

NAC Appliance Log: Displays the Access Control engine log, located at /var/log/tag.log on the engine. NAC Manager uses this log for informational, diagnostics, and error messages.

Override AAA Configuration: For a single engine, this option lets you override the AAA Configuration that is specified for the engine group.

Override Appliance Settings: For a single engine, this option lets you override the engine settings that are specified for the engine group.

Ping: Launches the Ping Device window and initiates a ping of the selected engine.

Ping End-System: Right-click on an end-system in the End-Systems tab and select Ping End-System to open a window where you can ping the end-system to determine if it can be contacted. View the results of the ping in the log in the window. Click Clear to enter another IP address or host name.

Policy > Port Configuration Wizard: For one or more switches in the Switches tab, this option accesses the Policy Manager Port Configuration Wizard. Select from pre-configured defaults for MAC, 802.1X, or MAC + 802.1X authentication, or select the complete wizard which leads you through all the steps required to configure a port or ports, including setting the port authentication configuration and default role. (If the devices are not in a domain or are in more than one domain, any role specific configuration, such as setting the default role, is disabled.)

Policy > Display Domains Associated with Switches: For one or more switches in the Switches tab, this menu option retrieves the Policy Manager domains associated with the switches and displays them in the Policy Domain column in the tab.

Policy > Set Domain: For one or more switches in the Switches tab, this option lets you assign the switch to a Policy Manager domain.

Policy > Verify Domain Policy Settings with Network: For one or more switches in the Switches tab, this menu option verifies that the roles in the assigned Policy Manager domain are enforced to the switch.

Policy > Enforce Domain Policy Settings with Network: For one or more switches in the Switches tab, this menu option enforces the roles in the assigned Policy Manager domain to the switch.

Poll Appliance(s): If the Access Control engine icon is red, this menu option gives you a quick way to verify if the engine is back up.

SSH: Launches an SSH console session to the selected Access Control engine or switch.

Table Tools

Use the table options and tools to find, filter, sort, print, and export information in NAC Manager tables, and customize table settings. You can access the Table Tools through a right-mouse click on a column heading or anywhere in the table body. For more information, see the Suite-Wide Tools Help topic on Table Tools.

Telnet: Launches a telnet session to the selected switch's Local Management.

Verify RADIUS Configuration: This right-click menu option is available when an Access Control Gateway or Layer 2 Access Control Controller engine is selected in the NAC Appliance tab. It is also available by selecting one or more switches in the Switches tab. The option lets you perform a Verify RADIUS Configuration operation.

View Selected: This right-click menu option is available when one or more end-systems are selected in the End-Systems table. It allows you to filter down to a smaller set of end-systems, by opening a new window that only displays the selected end-systems.

WebView: Launches the NAC Appliance Administration web page where you can access status and diagnostic information for the selected Access Controlengine. The default user name and password for access to this web page is "admin/Extreme@pp." Change the username and password in the Web Service Credentials field on the Credentials Tab in the Edit Appliance Settings window.