NAC on IOS security routers

Unanswered Question
Oct 6th, 2008


we want to implement a NAC solution for people dialing from home and going to internet via our internet router.

this router contains the security feature and is NAC enabled (we can see this from web interface)

however, one cisco partner suggest to use clean access server and not the security router.

is there any advantage of using clean access servers or limitation for security rtr.

note: we only need to check for windows updates and antivirus updates

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
mchin345 Fri, 10/10/2008 - 11:56

The Cisco Network Admission Control (NAC) Appliance (also known as Cisco Clean Access) is a powerful, easy-to-use admission control and compliance enforcement solution. With comprehensive security features, in-band or out-of-band deployment options, user authentication tools, and bandwidth and traffic filtering controls, Cisco NAC Appliance is a complete solution for controlling and securing networks. As the central access management point for your network, Cisco NAC Appliance lets you implement security, access, and compliance policies in one place instead of having to propagate the policies throughout the network on many devices.

Cisco NAC Appliance is a network-centric integrated solution administered from the Clean Access Manager web console and enforced through the Clean Access Server and (optionally) the Clean Access Agent/Cisco NAC Web Agent. Cisco NAC Appliance checks client systems, enforces network requirements, distributes patches and antivirus software, and quarantines vulnerable or infected clients for remediation before clients access the network.

Clean Access Policy Updates-Regular updates of pre-packaged policies/rules that can be used to check the up-to-date status of operating systems, antivirus (AV), antispyware (AS), and other client software.

For further information click this link/


This Discussion