select switch for NAC appliance environment

Unanswered Question
Feb 27th, 2008

Hi,

Would you please help me to select the appropriate access switch model?

In the LAN there will be NAC appliance installed in OUT-OF-BAND mode.

I am considering to use 2960 switches, as I need only L2 in the LAN access. Still, do the 3560 or 3750 offer more security functionality when they are managed by the NAC appliance?

Regards,

Mladen

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
bwilmoth Tue, 03/04/2008 - 09:58

For IB deployments, Cisco NAC Appliance is agnostic to switch/router platforms and versions. IB deployments can be Layer 2 (L2) or Layer 3 (L3):

For L2 deployments, user MAC/IP addresses need to be visible to the CAS.

For L3 deployments (i.e. where the CAS can be one or more hops away from the user), the CAS differentiates users by IP address.

http://www.cisco.com/en/US/docs/security/nac/appliance/support_guide/switch_spt.html

Actions

This Discussion