Genian NAC Policy Server can be deployed in the cloud or on-premises. In your case, you can provide NAC as a service to your clients through the Cloud to manage multiple client sites more effectively and economically. (See the benefits of Cloud NAC for MSP)
As for controlling unauthorized devices, you can consider three different options.
- Set a Policy to block all unauthorized MAC Addresses. To allow temporary (or permanent) access for new detected devices, Go to Node Management view, find the IP/MAC address in question, then go to the IPAM tab and select Allow MAC. This can only be done manually, but you will be notified once unauthorized accesses are detected.
- Use the Captive Web Portal service which can verify end user’s information (e.g. username, password, ) to guide them to the appropriate network resources. If they do not know, or are not given a username and password, they will be redirected to follow certain steps to be authorized.
- Use the Agent to check the security status of endpoints more granularly prior to access. It will check whether or not they meet the baseline requirement (e.g. Check Windows update status, Anti-virus installed/running, Anti-virus update status, allowed Software, etc.) You can set up various Agent Actions using over 500 conditions we have predefined and available immediately upon installation.