NAC Out-of-Band Deployment for wireless networks

Answered Question
Aug 25th, 2008

I am evaluating the NAC appliance for my wired and wireless users. I have read that the only way to deply NAC for wireless is in-band mode but it looks like the following link says that it is possible to deply NAC for wireless networks in-band or out-of-band mode:


"NAC Appliance can be deployed for WLANs as an in-band deployment for full-time endpoint scanning or out-of-band within a central site for periodic scanning to confirm posture compliance. The NAC Appliance server performs authentication, posture assessment, and remediation. The server securely controls authenticated and unauthenticated user traffic by managing traffic policies based on protocol/port or subnet, providing bandwidth policy management based on shared, or per-user bandwidth, or using time-based sessions and heartbeat controls. (Figure 1)"

http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6521/prod_brochure0900aecd80355b2f_ps6128_Products_Brochure.html


Does anyone know if it is possible to use NAC out-of-band deployment for wireless networks? If you can point me to some documentation it will be appreciated.


Regards


Correct Answer by ROBERT WATSON about 8 years 6 months ago

That is correct

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ROBERT WATSON Wed, 08/27/2008 - 07:23

With Current releases of NAC your only option is IN-BAND either in VG or RIP


If you have wism-2's then possibly wait a year and see whats coming

vicente.madrigal Thu, 08/28/2008 - 08:07

Thanks Robert.


In my case I am planning to deploy a central NAC appliance at the main office to control some branch offices and local wired users at the main office. The NAC appliance will operate in out-of-band mode. But for wireless users at the main office I will need an aditional NAC appliance operating in in-band mode, is this correct?


Regards

Actions

This Discussion