Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

NAC deployment

Hello there!

I have 2 NAC Appliance 3310. I want to configure them both as Clean Access Servers(CAS). One will be fail over for the other. In this deployment i will have no Clean Access Manager. Is this possible? If possible how will i configure the CAS without CAM? Is it possible also to install the CAM software in a different hardware other than NAC Appliances(Like normal PCs or Server machines)

Best regards,

Stanslaus.

3 REPLIES
Silver

Re: NAC deployment

Hi Stanslaus,

You need one Clean Access Manager (CAM) and one Clean Access Server (CAS) at a minimum to make any In-band or Out-of-band solution work. What's more, the CAM and the CAS cannot be installed on the same server.

Here are some excellent references to consult:

http://cisconac.blogspot.com/

http://www.networkworld.com/community/heary

http://blog.tenablesecurity.com/

http://blogs.cisco.com/security

http://6200networks.com/

http://www.demolabs.co.uk/cisconac_demo.html

Cisco Security Center http://tools.cisco.com/security/center/home.x

Books:

Cisco NAC Appliance: Enforcing Host Security with Clean Access by Jamey Heary, Jerry Lin, Chad Sullivan, Alok Agrawal. (2007)

Hope this helps.

Best,

Paul

Re: NAC deployment

Hi Paul,

Thank you very much.

Regards,

Stanslaus.

New Member

Re: NAC deployment

Hi!!!

As fas as my understanding goes, in NAC we must have to have at least one CAM.

In CAM all configuration is done & the CAS will deliver the same to NAC compliant end devices.

Without CAm how will this be done???

CAM s/ u can't install on different servers!!!

145
Views
8
Helpful
3
Replies