1.2.9. Plugins

A really interesting component in OpenNAC is the plugins. These plugins can run many different capabilities for network access control:

  • Plugins related to the asset discovery process.

  • Plugins related to network orchestrations (NGFW and MDM).

  • Plugins related to asset profiling.

  • Plugins related to two-factor authentication (2FA).

  • Plugins related to asset registration, categorization, and control.

It is possible to set the default configuration parameters for Plugins in Configuration -> Plugins at the TAB Plugins. These are default values but remember that in ON NAC -> Policies it is possible to define specific parameters for each policy.

To see the plugin in the policy engine, first enable it in the configuration vars.

../../../_images/plugins.png


There are synchronous and asynchronous Plugins

Synchronous: These plugins will be executed with the authentication process, and they will modify the results of policy evaluation. In synchronous plugins, the name is always preceded by the term Sync.

Asynchronous: These plugins will be executed with the independence of the authentication process to get more information about assets, and the result of plugin execution will not modify the policy evaluation.