Cisco NAC Appliance
Enforcing Host Security with Clean Access
Authenticate, inspect, remediate, and authorize end-point devices using Cisco NAC Appliance
Jamey Heary, CCIE® No. 7680
Contributing authors: Jerry Lin, CCIE No. 6469,
Chad Sullivan, CCIE No. 6493, and Alok Agrawal
With today's security challenges and threats growing more sophisticated, perimeter defense alone is no longer sufficient. Few organizations are closed entities with well-defined security perimeters, which has led to the creation of perimeterless networks with ubiquitous access. Organizations need to have internal security systems that are more comprehensive, pervasive, and tightly integrated than in the past.
Cisco® Network Admission Control (NAC) Appliance, formerly known as Cisco Clean Access, provides a powerful host security policy inspection, enforcement, and remediation solution that is designed to meet these new challenges. Cisco NAC Appliance allows you to enforce host security policies on all hosts (managed and unmanaged) as they enter the interior of the network, regardless of their access method, ownership, device type, application set, or operating system. Cisco NAC Appliance provides proactive protection at the network entry point.
Cisco NAC Appliance provides you with all the information needed to understand, design, configure, deploy, and troubleshoot the Cisco NAC Appliance solution. You will learn about all aspects of the NAC Appliance solution including configuration and best practices for design, implementation, troubleshooting, and creating a host security policy.
Jamey Heary, CCIE® No. 7680, is a security consulting systems engineer at Cisco, where he works with its largest customers in the northwest United States. Jamey joined Cisco in 2000 and currently leads its Western Security Asset team and is a field advisor for its U.S. Security Virtual team. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP®, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. He has been working in the IT field for 13 years and in IT security for 9 years.
Understand why network attacks and intellectual property losses can originate from internal network hosts
Examine different NAC Appliance design options
Build host security policies and assign the appropriate network access privileges for various user roles
Streamline the enforcement of existing security policies with the concrete measures NAC Appliance can provide
Set up and configure the NAC Appliance solution
Learn best practices for the deployment of NAC Appliance
Monitor, maintain, and troubleshoot the Cisco NAC Appliance solution
This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.
Category: Cisco Press–Security
Covers: End-Point Security