Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Does Cisco NAC Appliance deployment require CS-ACS?

I've gone through all the partner training on the Cisco NAC appliance and mgmt station, and CiscoSecure ACS 4.0+ is mentioned just about everywhere in the user verification steps.

If a customer does not have CSACS, or AAA for that matter (say in just a MS Exchange environment), the NAC appliances can still be used, correct?

I'm assuming they can, but that leads to if any functionality/checks would be lost in that case, and if so, what?

Anybody have any ideas on that?



Re: Does Cisco NAC Appliance deployment require CS-ACS?

Yes, you could use NAC with the local database for a client demonstration. This is actually my preferred method.

Of course, you would lose the central management functionality which comes with ACS or a hook to Active Directory via KTPass (This command-line tool enables an administrator to configure a non-Windows Server 2003 Kerberos service as a security principal in the Windows Server 2003 Active Directory).

Though by all means deploy NAC, even if you are simply want to demonstrate its functionality. Configure the authentication portion last, after your customer is happy with the demonstrated results.

Hope this helps.

CreatePlease to create content