Difference in NAC between filter and certified devices

Unanswered Question
Dec 14th, 2007

I cannot seem to figure out what the difference is between filters and certified devices in the NAC CAM interface. Both seem to allow devices to bypass authentication and posture assessment. When would one be preferred over the other?

gojericho0 Fri, 12/14/2007 - 13:11

This topic was confusing to me as well when I first started with NAC. Let me see if I can help...


Filters provide requirements for authentication and posture assessment. They enable end-point devices to be checked for authentication, posture assessment, both, or neither, based on either MAC address or Role assignment, depending on the filter.


A good example of something that you would put in the Allow category would be printers or IP phones. Because these devices cannot authenticate, you would always want them to have access to the LAN without NAC interference. You would add them to an ALLOW filter. The devices remain filtered unless you manually remove them.


Certified Devices bypass posture assessment only. Authentication will still be required. These are best used with timers. For example, PCs that successfully complete authentication and posture assessment once are placed in the certified device list. We have a certified device timer set up in our environment so that a device is checked for posture assessment once every two weeks. Once the two-week window has expired, all desktop PCs are removed from posture assessment and will once again have to be checked for compliance.


You can use both filters and certified devices as a way of creating role assignments in an OOB deployment.


HTH

