7.4. Summary

The following are key points from this chapter:

  • The Cisco NAC Framework requires the use of Cisco network infrastructure switches and routers to initiate NAC posture checking and enforce access restrictions.

  • This solution can consist of a mix of Cisco networking components and components from other vendors.

  • Key components of the NAC Framework from Cisco are the Access Control Server (ACS), Network Admission Device (NAD), and the Cisco Trust Agent (CTA).

  • The NAC Framework assesses, quarantines, and helps facilitate remediation on devices as they physically connect to the corporate LAN, as well as when they access the LAN via VPN.

  • This solution is available in Client and Clientless modes. Clientless requires the use of a third-party audit server.

  • This solution can require that authentication take place to provide access to the network.

  • This solution does not address mobile devices while they are mobile and not connected to the corporate network.

  • Posture plug-ins (PPs) are provided by security vendors to communicate the status of security applications to the CTA.

The last two chapters have detailed both of Cisco's LAN-based NAC solutions. Chapter 8 moves on to Mobile NAC by detailing Fiberlink's Mobile NAC solution.
