Cisco Cisco NAC Appliance 4.6 Leaflet
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
5
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Public
Session Number
Presentation_ID
Presentation_ID
C97-347999-00 05/06
Complexity Demands Defense-in-Depth
identity
guest access
guest access
AAA
AAA
employee
employee
endpoint
security
Anti
Anti
-
-
spyware
spyware
personal
personal
firewalls
firewalls
HIPS
HIPS
anti
anti
-
-
virus
virus
network
security
security
IDS/IPS
IDS/IPS
VPNs
VPNs
perimeter
perimeter
firewalls
firewalls
X
Endpoint security alone fails:
99% have AV, but infections persist!
Host based apps are easily manipulated—
even unintentionally
Time gap between virus and virus def/repair
Host based apps are easily manipulated—
even unintentionally
Time gap between virus and virus def/repair
X
Identity alone fails:
Protects against unauthorized
access, but not malware
Identifies user, but not device
access, but not malware
Identifies user, but not device
X
Network security alone fails:
Firewalls cannot block legitimate ports
VPNs cannot block legitimate users
Malware signatures must be known
Detection often occurs after-the-fact
VPNs cannot block legitimate users
Malware signatures must be known
Detection often occurs after-the-fact