Professional Documents
Culture Documents
Solucin
embebida
NAC Framework
Software module
embedded within NACenabled products
Integrated framework
leveraging multiple Cisco
and NAC-aware vendor
products
Solucin
con equipo
Network
Access
Devices
Policy Server
Decision Points
and Remediation
Enforcement
Credentials
AAA
Server Credentials
Credentials
EAP/UDP,
Cisco
Trust
Agent
EAP/802.1x
Notification
HTTPS
RADIUS
Access Rights
Comply?
Vendor
Servers
NAC Components
Cisco NAS
Serves as an in-band or out-of-band
device for network access control
Cisco NAM
Centralizes management for
administrators, support personnel,
and operators
M
G
R
Cisco NAA
Optional lightweight client for
device-based registry scans in
unmanaged environments
Rule-set updates
Scheduled automatic updates for
antivirus, critical hotfixes, and other
applications
THE GOAL
M
G
R
2.
Host is
redirected to a login page.
Cisco NAC Appliance validates
username and password, also
performs device and network
scans to assess vulnerabilities
on device.
3a.
Device is noncompliant
or login is incorrect.
Authentication
Server
Cisco NAM
Cisco NAS
3.
Intranet/
Network
Quarantine
Role
3b.
Device is clean.
Machine gets on certified
devices list and is granted
access to network.