NAC Deployement

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Federico Coto F... Mon, 04/26/2010 - 13:12
User Badges:
  • Green, 3000 points or more

Hi,


I agree that you should be more specific.


For example L2 is when the NAS is going to be adjacent on the same L2 segment of the client.
L3 generally is better since the NAS does not have to be adjacent to the client (more scalable)

In-band is when the traffic passes through the NAS all the time.
OOB is when only the authentication and posture passes through the NAS, then all normal traffic
is redirected to the appropiate VLAN.
For OOB you need Cisco Switches.


One NAS server can only serve certain connections, therefore depending on your topology you might need
more than one NAS servers and a Lite-Manager or Standard Manager.

Check out the NAC datasheet for the NAC Appliances and let us know if you have any questions.


Federico.

Federico Coto F... Wed, 04/28/2010 - 07:50
User Badges:
  • Green, 3000 points or more

Hi,


OOB, L3...

You still need to decide the physical deployment mode: (edge or central) and the passing traffic mode: (bridge mode or gateway mode)


Please refer to this presentation to get technical knowledge overview:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/prod_presentation0900aecd8048676a.pdf


This links you can find the configuration guides:

http://www.cisco.com/en/US/products/ps6128/products_installation_and_configuration_guides_list.html


Here's the general information you require to know (data sheet):

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.html


Let us know if you have any questions.


Federico.

Actions

This Discussion