Cisco Cisco NAC Appliance 3.6
1-3
Cisco Clean Access (NAC Appliance) Server Installation and Administration Guide
OL-9040-01
Chapter 1 Introduction
Clean Access Server Features
•
Clean Access Policy Updates—Regular updates of pre-packaged policies/rules that can be used to
check the up-to-date status of operating systems, antivirus (AV), antispyware (AS), and other client
software. Provides built-in support for over 24 AV vendors and 17 AS vendors.
check the up-to-date status of operating systems, antivirus (AV), antispyware (AS), and other client
software. Provides built-in support for over 24 AV vendors and 17 AS vendors.
Figure 1-1
Cisco Clean Access (NAC Appliance) Deployment (In-Band)
Clean Access Server Features
The following are key features and benefits of the Clean Access Server:
•
In-Band or Out-of-Band deployment
•
Integration with Cisco VPN concentrators
•
Secure user authentication
•
Cisco Clean Access network-based and agent-based scanning and remediation
•
Role-based access control
•
DHCP address allocation for untrusted (managed) clients, or DHCP relay or passthrough modes
•
Network address translation (NAT) services, with support for dynamic or 1:1 NAT (non-production
only)
only)
•
Bandwidth management
•
Event logging and reporting services
•
VLAN support in which the Clean Access Server can be a VLAN termination point, provide VLAN
passthrough, and provide VLAN-based access control.
passthrough, and provide VLAN-based access control.
•
Subnet roaming support
•
Flexible deployment options enabling the Clean Access Server to be integrated into most network
architectures
architectures
Clean Access Manager
Clean Access
Web Admin Console
Internet
LAN/intranet
switch
Clean Access
Server (CAS)
authentication sources
router
(LDAP, RADIUS, Kerberos,
PC
PC
Agent
Agent
admin laptop
Agent
Clean Access Agent
(CAA)
Agent
Manager (CAM)
Windows NT)