Cisco Systems 3.3 Manual De Usuario
Chapter 14 Network Admission Control
About Network Admission Control
14-2
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
NAC AAA Components
The following list defines the components of the NAC AAA paradigm.
, describes the posture validation process in which these
components are used.
•
NAC-client computer—A computer running NAC software, as follows:
–
NAC client—The NAC client is the Cisco Trust Agent (CTA)
application. CTA collects data directly from the computer and from any
NAC-compliant applications installed on the computer. It uses this data
to create a set of attributes that contain information about the posture of
the computer. These attributes are also called credentials. For more
information about credentials, see
application. CTA collects data directly from the computer and from any
NAC-compliant applications installed on the computer. It uses this data
to create a set of attributes that contain information about the posture of
the computer. These attributes are also called credentials. For more
information about credentials, see
.
–
NAC-compliant applications—Applications that integrate with the
NAC client. Examples of such applications are Cisco Security Agent and
anti-virus programs from Network Associates, Symantec, or Trend
Micro. These applications provide the NAC client with attributes about
themselves, such as the version number of a virus definition file.
NAC client. Examples of such applications are Cisco Security Agent and
anti-virus programs from Network Associates, Symantec, or Trend
Micro. These applications provide the NAC client with attributes about
themselves, such as the version number of a virus definition file.
•
AAA client—A network access device, such as a router, whose operating
system supports NAC.
system supports NAC.
•
Cisco Secure ACS—Performs posture validation of the NAC-client
computer, using either internal policies, external policies, or both. When
external policies are used, Cisco Secure ACS forwards posture validation
requests to a NAC server.
computer, using either internal policies, external policies, or both. When
external policies are used, Cisco Secure ACS forwards posture validation
requests to a NAC server.
•
NAC server—Performs posture validation of the NAC-client computer when
Cisco Secure ACS is configured to use external policies.
Cisco Secure ACS is configured to use external policies.
•
Remediation server—Provides support to NAC-client computers needing
repairs or updates to comply with network admission requirements.
repairs or updates to comply with network admission requirements.