Customer Support

 

Frequently Asked Questions

NetClarity has trained our worldwide partners to provide Tier 1 support.  However, should you require direct support, please first contact your local reseller.  If you do not receive the level of support you desire, please contact us directly at 781-276-4555 x2054 or via email at support@netclarity.net.

For more Frequently Asked Questions (FAQ), please contact support@netclarity.net

QUESTION:  How can I change the date for the Auto Update of the Vulnerability Signatures?

 

ANSWER: It's either automatically updated daily or you can click Update Now to run a manual update.  We run a web-based secure subscription service on the backend.

 

QUESTION:  How come we cannot upgrade the ISO 27001/17799 Policy?  The selection button is dimmed.

 

ANSWER: If you already have the policy tool installed then no upgrade is available. Go to the compliance area - if ISO27001 opens spreadsheet - you are in.  Remember if you copy it we violate an ISO.org license - it's per customer and they are very strict.

 

QUESTION:  When Does the NACwall check on a new device that connects to the network?

 

ANSWER: NACwall dynamically detects a new device if you enable DDS; otherwise a new device can be found by running asset discovery.

 

QUESTION:  How do I remove the client that is in MAC IP Mismatch list?

 

ANSWER: Go to Network Admission Control/Manage IP and select Mange MAC IP Mismatch list. This will show all clients in MAC IP Mismatch list. Select the one you wan to delete.

 

QUESTION:  In the attached report, we fixed all the vulnerabilities. Shouldnt the Fixed Vulnerabilities Graph look the same as Total Discovered Vulnerabilities? 

If you look at the report, the jobs are closed and all vulnerabilities are fixed.

 

ANSWER: NACwall wont consider vulnerability is fixed even though the job status for this vulnerability is fixed. You have to run a differential Audit again to detect that this vulnerability is really fixed.

 

QUESTION:  Under the Fixed CVEs, how do we keep track of the vulnerabilities that have been fixed?

ANSWER: Go to Workflow/My Ticket Log/View MainAccount's Closed Jobs, you can see the detailed information of the closed jobs for MainAccount.

QUESTION:  In the bank network environment, the ICMP traffic is blocked; doesnt this affect the Network Discovery function?  Is the NACwall still able to discover the server(s)?  Does the NACwall use only thePing packet to discover the asset?

 

ANSWER:  NACwall uses Ping combined with other technologies to discover the assets. Even ICMP traffic is blocked; NACwall is able to discover the assets.

 

QUESTION:  In the Dynamic Detection feature, what protocol does it use to dynamically detect the asset?

 

ANSWER:  DHCP

 

 

QUESTION:  How does the NACwall know if it is in compliance with ISO27001 for reporting purposes?

 

ANSWER:  NACwall tests for CVEs which could cause a breach of Confidentiality, Availability and/or Integrity (CIA) which would cause risk of out of ISO compliance.  Also, the ISO27001/17799 policy builder tool helps audit/test/build ISO compliant policies that are corporate wide and out of the core scope of the appliance.

 

QUESTION:  Does the NACwall authenticate MAC addresses (if so, any protocol?) so assets will not spoof MAC addresses?

 

ANSWER:  I don't think we can guarantee the MAC is real/correct not spoofed but we can see if multiple IPs has the same MAC and this shows up in the Manage Assets - MAC/IP mismatch drop down.

 

QUESTION:  Is the NACwall compatible with CPSS?

 

ANSWER:  If you mean Committee on Payment and Settlement Systems (CPSS), yes but it does not guarantee that transactions are secure.  By removing CVEs that could breach CIA, one can show steps of due care and due diligence for CPSS...plus using our best-practices ISO and basic policy tools.

 

QUESTION:  Why do I get a certificate error in Internet Explorer?

 

ANSWER:  We assign NACwalls certificate ourselves. IE 6 and Firefox allow people to accept and install this certificate without any problem.

 

IE 7 considers all self-assigned certificate un-trusted, so we will see a certificate error message if opening NACwalls login page in IE 7. But you can accept and install certificate to get rid of this error message. Following steps show how to do it:

 

  1. First ignore the warning and proceed by clicking on Continue to this website (not recommended)
  2. You will see a red Address Bar next to a Certificate Error icon.
  3. Click on the Certificate Error button to open the information window. Click on View Certificate. Then click on Install Certificate. You'll see yet another warning. Click on yes, and then you're done.

 

QUESTION:  Can we integrate more than one switch within the same network LAN? 

ANSWER:  Yes. 

QUESTION:  Are there any requirements other than having enabled DHCP to be able to run the Dynamic Detection? 

ANSWER:  No

 

QUESTION:  For a large network, there will be NetClarity devices for each segment. Is there a centralized control for all these NetClarity devices? Do they share the common trusted MAC list? Can they share same set of policy?

 

ANSWER:  There is a centralized way of communicating to multiple boxes.