01-28-2008 10:03 PM - edited 02-21-2020 01:52 AM
Hello there!
I have 2 NAC Appliance 3310. I want to configure them both as Clean Access Servers(CAS). One will be fail over for the other. In this deployment i will have no Clean Access Manager. Is this possible? If possible how will i configure the CAS without CAM? Is it possible also to install the CAM software in a different hardware other than NAC Appliances(Like normal PCs or Server machines)
Best regards,
Stanslaus.
01-29-2008 01:47 PM
Hi Stanslaus,
You need one Clean Access Manager (CAM) and one Clean Access Server (CAS) at a minimum to make any In-band or Out-of-band solution work. What's more, the CAM and the CAS cannot be installed on the same server.
Here are some excellent references to consult:
http://www.networkworld.com/community/heary
http://blog.tenablesecurity.com/
http://blogs.cisco.com/security
http://www.demolabs.co.uk/cisconac_demo.html
Cisco Security Center http://tools.cisco.com/security/center/home.x
Books:
Cisco NAC Appliance: Enforcing Host Security with Clean Access by Jamey Heary, Jerry Lin, Chad Sullivan, Alok Agrawal. (2007)
Hope this helps.
Best,
Paul
01-30-2008 01:35 AM
Hi Paul,
Thank you very much.
Regards,
Stanslaus.
01-30-2008 01:02 AM
Hi!!!
As fas as my understanding goes, in NAC we must have to have at least one CAM.
In CAM all configuration is done & the CAS will deliver the same to NAC compliant end devices.
Without CAm how will this be done???
CAM s/ u can't install on different servers!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: