cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
385
Views
8
Helpful
3
Replies

NAC deployment

Hello there!

I have 2 NAC Appliance 3310. I want to configure them both as Clean Access Servers(CAS). One will be fail over for the other. In this deployment i will have no Clean Access Manager. Is this possible? If possible how will i configure the CAS without CAM? Is it possible also to install the CAM software in a different hardware other than NAC Appliances(Like normal PCs or Server machines)

Best regards,

Stanslaus.

3 Replies 3

pmccubbin
Level 5
Level 5

Hi Stanslaus,

You need one Clean Access Manager (CAM) and one Clean Access Server (CAS) at a minimum to make any In-band or Out-of-band solution work. What's more, the CAM and the CAS cannot be installed on the same server.

Here are some excellent references to consult:

http://cisconac.blogspot.com/

http://www.networkworld.com/community/heary

http://blog.tenablesecurity.com/

http://blogs.cisco.com/security

http://6200networks.com/

http://www.demolabs.co.uk/cisconac_demo.html

Cisco Security Center http://tools.cisco.com/security/center/home.x

Books:

Cisco NAC Appliance: Enforcing Host Security with Clean Access by Jamey Heary, Jerry Lin, Chad Sullivan, Alok Agrawal. (2007)

Hope this helps.

Best,

Paul

Hi Paul,

Thank you very much.

Regards,

Stanslaus.

acharyr123
Level 3
Level 3

Hi!!!

As fas as my understanding goes, in NAC we must have to have at least one CAM.

In CAM all configuration is done & the CAS will deliver the same to NAC compliant end devices.

Without CAm how will this be done???

CAM s/ u can't install on different servers!!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: