NAC Framework and CTA

Unanswered Question
Mar 11th, 2009
User Badges:

I've had a NAC Framework test environment (ACS 4.0 & CTA 2.1) for a couple of years now. We finally have the green light to move forward into production so I'm bringing more machines into the lab for additional testing.


I went to download the CTA again today as I couldn't find my original file and I see this in the 2.1 release notes (which I don't remember seeing before):



"Cisco Secure Services Client (SSC) replaces the CTA 802.1x Wired Client as the preferred supplicant in a deployment of the NAC security solution. NAC is supported for use in a wired network environment."



So should I now download the non-supplicant version of CTA and use it with SSC? I'm not sure I see the benefit of that.


Plus wouldn't that mean my switchports would need to be configured for both 802.1x and EAPoUDP for auth and posture respectively since the non-supplicant CTA doesn't use 802.1x like the supplicant version.


The above is the reason I hadn't used the CTA on any Mac clients and just do 802.1x with no posture for them.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
APatotski Thu, 07/23/2009 - 23:13
User Badges:

Hello JASON,


You can use SSC with non-supplicant CTA in 802.1x NAC framework environment. You do not need to config EAPoUDP on switchports.



Actions

This Discussion