Cisco Cisco NAC Appliance 4.9.1 Leaflet
8
© 2006 Cisco Systems, Inc. All rights reserved.
Cisco Public
Session Number
Presentation_ID
Presentation_ID
C97-348014-00 05/06
Four Key Capabilities of NAC
Quarantine
Quarantine
and
and
Remediate
Remediate
Just knowing a
device is non-
compliant is not
enough—
someone still
needs to fix it.
device is non-
compliant is not
enough—
someone still
needs to fix it.
Acts on posture
assessment
results, isolates
device, and brings
it into compliance
assessment
results, isolates
device, and brings
it into compliance
Configure
Configure
and
and
Manage
Manage
Policies that are
too complex or
difficult to create
and use will lead
to abandonment
of project.
too complex or
difficult to create
and use will lead
to abandonment
of project.
Easily creates
comprehensive,
granular policies
that map quickly
to user groups
and roles
comprehensive,
granular policies
that map quickly
to user groups
and roles
Securely
Identify
Device and User
What it
means
means
Uniquely identifies
users and devices,
and creates
associations
between the two
users and devices,
and creates
associations
between the two
Critical to
associate users
and devices with
roles to know
which policies
apply; prevents
device spoofing.
associate users
and devices with
roles to know
which policies
apply; prevents
device spoofing.
Without
it . . .
it . . .
Enforce
Enforce
Consistent
Consistent
Policy
Policy
A decentralized
policy mechanism
(e.g. on endpoint)
can leave gaping
security holes.
policy mechanism
(e.g. on endpoint)
can leave gaping
security holes.
Assess and
enforce a
ubiquitous policy
across the entire
network
enforce a
ubiquitous policy
across the entire
network
A robust NAC solution must
have all four capabilities.