Product Documentation

Configuring Network Access Control (NAC)

Oct 20, 2015

If you have a Network Access Control (NAC) appliance set up in your network, such as a Cisco ISE, you can enable filters to set devices as compliant or not compliant for NAC, based on rules or properties. If a Device Manager managed device does not meet the specified criteria , and thus is marked Not Compliant, the device will be blocked on your network by the NAC appliance.

To set unmanaged devices as not compliant, enable the associated filter and set to Not Compliant. The Implicit Compliant / Not Compliant filter sets the default value only on devices that are managed by XenMobile. For example, any devices that have a blacklisted app installed and/or are not enrolled are marked as Not-Compliant and will be blocked from your network by the NAC appliance.

The NAC compliance filters are as follows:

  • Blacklisted Apps.
  • Rooted Android/Jailbroken iOS Devices
  • Revoked Status
  • Unmanaged Devices.
  • Suggested Apps Only
  • Inactive Devices
  • Anonymous Devices
  • Out of Compliance Devices
  • Encryption
  • Implicit Compliant/Non-Compliant. Indicates that if none of the above filters matches, returns device to be compliant or not (according to the option selected).