Operation Manual – AAA & RADIUS & HWTACACS & EADH3C S7500 Series Ethernet Switches Chapter 2 EAD Configuration2-1Chapter 2 EAD ConfigurationWhen configuring EAD, go to these sections for information you are interested in:z Introduction to EADz Typical Network Application of EADz EAD Configurationz EAD Configuration Example2.1 Introduction to EADEndpoint admission defense (EAD) is an attack defense solution that monitors endpointadmission. This enhances the active defense ability of endpoints, and prevents virusesand worms from spreading on the network. With the cooperation among security client,security policy server, access device, and antivirus software, EAD confines theendpoints that fail to comply with the security requirements to the quarantine area,thereby preventing hazardous terminals from compromising network security.With EAD enabled, the switch determines the validity of session control packets itreceives according to the source IP address of the packets. Only those session controlpackets sent from the authentication server and the security policy server can beregarded as valid.Basic EAD functions are implemented through the cooperation among security client,security cooperation device (switch), security policy server, antivirus server, and patchserver, as shown in Figure 2-1.