7.3. The Purpose of Cisco NAC
By now, you should have a clear understanding of the purpose of Cisco Clean Access (Cisco NAC Framework). It is a technology that helps protect the LAN from unauthorized users and devices, and it is a technology used to control the access of devices that have a deficient security posture. From a product perspective, Cisco describes the purpose and benefits of the Cisco NAC Framework as follows:
NAC works with antivirus, patch management, and Personal Firewall software to assess the condition, called the posture, of a client before allowing that client network access. NAC helps ensure that a network client has an up-to-date virus signature set, the most current operating system patches, and is not infected. If the client requires an antivirus signature update or an operating system update, NAC directs the client to complete the necessary updates. If the client has been compromised or if a virus outbreak is occurring on the network, NAC places the client into a quarantined network segment. After the client has completed its update process or disinfection, the client is checked again.
Based on the technical solution as it's been described in this chapter, let's now compare how the solution stands up to the various types of users who may be accessing the network.
7.3.1. Unauthorized Users
As with Clean Access, a big reason why companies look at a NAC solution is to control unauthorized access to their LANs. The Cisco NAC Framework can control this problem ...
Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
