Cisco Cisco NAC Appliance 4.7.3 Leaflet
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
5
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Public
Session Number
Presentation_ID
Presentation_ID
C97-348014-00 05/06
Complexity Demands Defense-in-Depth
Identity
Guest access
AAA
Employee
Endpoint
Security
Anti-spyware
Personal
Firewalls
HIPS
Anti-virus
Network
Security
Security
VPNs
IDS/IPS
Perimeter
Firewalls
Firewalls
X
Identity alone fails:
Protects against unauthorized
access, but not malware
Identifies user, but not device
access, but not malware
Identifies user, but not device
X
Endpoint security alone fails:
99% have AV, but infections persist!
Host based apps are easily
manipulated—even unintentionally
Time gap between virus and virus def/repair
Host based apps are easily
manipulated—even unintentionally
Time gap between virus and virus def/repair
X
Network security alone fails:
Firewalls cannot block legitimate ports
VPNs cannot block legitimate users
Malware signatures must be known
Detection often occurs after-the-fact
VPNs cannot block legitimate users
Malware signatures must be known
Detection often occurs after-the-fact