Cisco Clean Access is a powerful, easy-to-use admission control and compliance enforcement solution.
With comprehensive security features, in-band or out-of-band deployment options, user authentication
tools, and bandwidth and traffic filtering controls, Cisco Clean Access is a complete solution for
controlling and securing networks. As the central access management point for your network, Cisco
Clean Access lets you implement security, access, and compliance policies in one place instead of having
to propagate the policies throughout the network on many devices.

The security features in Cisco Clean Access include user authentication, policy-based traffic filtering,
and Clean Access vulnerability assessment and remediation. Clean Access stops viruses and worms at
the edge of the network. With remote or local system checking, Clean Access lets you block devices from
accessing your network unless they meet the requirements you establish.

You can deploy the Cisco Clean Access software in the configuration that best meets the needs of your
network. The Clean Access Server (CAS) can be deployed as the first-hop gateway for your edge devices
providing simple routing functionality, advanced DHCP services, and other services. Alternatively, if
elements in your network already provide these services, the CAS can work alongside those elements
without requiring changes to your existing network by being deployed as a “bump-in-the-wire.” Other
key features of Cisco Clean Access include:

•

Standards-based architecture— Uses HTTP, HTTPS, XML, and Java Management Extensions
(JMX).

•

User authentication—Integrates with existing backend authentication servers, including Kerberos,
LDAP, RADIUS, and Windows NT domain.