Q. Does the Cisco NAC Appliance actually clean, or does it just make sure programs are installed and updated so that machines remain clean?
A. In the case of a failed Windows hotfix, the Cisco NAC Appliance can automatically launch the Windows AutoUpdate tool. If the Cisco NAC Appliance detects an infection or vulnerability, it can push a fix tool to the user (Symantec's MyDoom Fix Tool, for example) and require that user to use it before accessing the network. In addition, any registry setting that is detected can trigger the download of software or scripts that secure the user's device to meet established security policies.
Q. How does the Cisco NAC Appliance work?
A. When a device attempts to log onto the network, the Cisco NAC Appliance requests authentication credentials and identifies what kind of device it is. Depending on the role of the user, a posture assessment is performed based on the requirements of the network. If the device is found to be noncompliant, the Cisco NAC Appliance redirects the machine to a quarantine area where the user can perform the necessary downloads to update the machine. The machine is then rescanned and, if compliant, is granted access to the network.
Q. What kind of scans does the Cisco NAC Appliance perform?
A. The Cisco NAC Appliance performs network- and agent-based scans. Network-based scans look for network vulnerabilities such as remote-procedure call (RPC) buffer overflows or messenger buffer overflows. Agent-based scans check a user's system registry, file system, and system memory for specific services and applications.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...