Cisco Cisco NAC Appliance 4.8.4 Data Sheet
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 2 of 5
Device Quarantine
Cisco NAC places noncompliant machines into quarantine, preventing the spread of infection while giving the
machines access to remediation resources. Through DHCP, inline traffic filters, or a quarantine VLAN, quarantine
is achieved.
Automatic Security Policy Updates
Automatic updates in Cisco’s standard software maintenance package provide predefined policies for common
network access criteria. These include policies that check for critical operating system updates, virus definition
updates for antivirus software, and antispyware definition updates. This eases the management cost for network
administrators, who can rely on Cisco NAC for constantly updated policies.
Centralized Management
The Cisco NAC web-based management console allows you to define a policy for the entire network, as well as
the related remediation packages necessary for recovery. The management console manages the Cisco NAC
Servers and network switches from a central interface.
Remediation and Repair
Quarantining allows remediation servers to provide operating system patches and updates, virus definition files, or
endpoint security solutions to compromised or vulnerable devices. You enable automated remediation through the
optional agent, or specify your own remediation instructions. And Cisco NAC delivers user-friendly features, such
as monitoring mode and silent remediation, to minimize user impact.
Flexible Deployment Modes
Cisco NAC offers the right deployment mode to fit your network. The Cisco NAC Solution can be deployed in an
in-band or out-of-band configuration. It can be deployed as a Layer 2 bridge and as a Layer 3 router. You can
deploy it adjacent to the client on the same subnet or multiple router hops away.
Product Architecture
The Cisco NAC solution is comprised of the following components.
●
Cisco NAC Server: The NAC Server enforces access privileges based on endpoint compliance and user
authentication. A user cannot gain access to the network until they authenticate and the device meets
defined posture requirements. The Cisco NAC Server is available in sizes for 100, 250, 500, 1500, 2500,
3500, and 5000 concurrent online users. The NAC Server is available as a standalone appliance.
Appliances are available in different configurations and software licenses.
●
Cisco NAC Manager: This centralized, web-based console for establishing roles, checks, rules, and
policies is available in three sizes. The Cisco NAC Lite Manager manages up to three Cisco NAC Servers;
the Cisco NAC Standard Manager manages up to 20 Cisco NAC Servers; and the Cisco NAC Super
Manager manages up to 40 Cisco NAC Servers or 80 Cisco NAC Network Modules. A single Cisco NAC
Manager can manage up to 50,000 endpoints.
●
Cisco NAC Agent: This thin, read-only agent enhances posture assessment functions and streamlines
remediation. Cisco NAC Agents are optional and are distributed free of charge.