GAME Protocol and NAC Books

lterenzzz · ‎01-13-2006

Hi All!

I would like to know a little more about the "Generic Authorization Message Exchange" Protocol (GAME) used between ACS and audit Server.

Is there any documentation ? .. other source of info?

I also have another question:

is there any Cisco Book about NAC Framework?

darpotter · ‎01-17-2006

The truth of the matter is that NAC is a very fluid technology and still in its infancy.

NAC v2 is hugely different to v1. As I left Cisco in December the upcoming changes were still coming thick and fast. Any book would have limited shelf life and the poeple who really understand NAC (not many) are way too busy to write a book ;)

GAME is essentially just a set of extensions to SAML. So you could start by reading up on that. I know the developer - Ill ask him if there are any PD docs.

lterenzzz · ‎01-18-2006

Hi darpotter!!!! .. and tnx for the quick answer.

So, if i understand correctly:

GAME is an extension of SAML, and SAML use SOAP at transport level .. so (in NAH) the Cisco ACS call a web-service on the external audit server?

One last question: is GAME a Cisco propiertary protocol?

I Still haven't seen so many difference between NAC v1 and NAC v2, can you show me some of them please?

TNX IN AVANCE!

darpotter · ‎01-27-2006

Hi

I double checked with ACS DE and GAME is proprietry. They have no plans to document or submit as a standard.

The big difference (aside from wider device uptake etc) is that NAC v2 incorporates the posture checks into the L2 authentication - as opposed to a post-connected L3 ACL.

Darran