50 EAD CONFIGURATION

Introduction to EAD

Endpoint admission defense (EAD) is an attack defense solution that monitors endpoint admission. This enhances the active defense ability of endpoints, and prevents viruses and worms from spreading on the network. With the cooperation among security client, security policy server, access device, and antivirus software, EAD confines the endpoints that fail to comply with the security requirements to the quarantine area, thereby preventing hazardous terminals from compromising network security.

With EAD enabled, the switch determines the validity of session control packets it receives according to the source IP address of the packets. Only those session control packets sent from the authentication server and the security policy server can be regarded as valid.

Basic EAD functions are implemented through the cooperation among security client, security cooperation device (switch), security policy server, antivirus server, and patch server, as shown in Figure 136.

Figure 136 EAD basic principle

Typical Network Application of EAD

The EAD scheme checks the security status of the user, and implements the user access control policy forcibly according to the result. Therefore, those non-compliant users are isolated and are forced to upgrade virus database