What is Cisco Network Admission Control?
Cisco Network Admission Control (NAC) is a set of technologies and solutions that use the infrastructure of a computer network for network access control (also abbreviated NAC) and network protection. Network access is permitted only from trusted endpoint devices such as workstations, servers, personal digital assistants (PDAs), and other devices; all incompatible devices are restricted. All access methods are monitored, including wireless devices, local area networks (LANs), and remote access wide area networks (WANs).
In 2006, Cisco and Microsoft announced an interoperability agreement that enabled Cisco NAC and Microsoft Network Access Protection (Microsoft NAP) to work together, followed by co-marketing the next year. Customers were allowed to use either or both technologies.
NAC also blocks, quarantines, and repairs incompatible computers, and it quarantines suspicious computers in a specified area. Queued network guests are placed in a quarantine area where authentication or other problems can be identified. Often some type of credential is required before network access is granted.
It can also verify a computer's anti-virus status, including the latest versions of anti-virus software, virus definitions, and scan engines.
The Cisco Trust Agent is a key NAC component that resides on an endpoint system. The Cisco Trust Agent communicates with Cisco routers when collecting security status information. This information is communicated to the Cisco Secure Access Control Server (Cisco ACS) to determine access. The decision is then communicated to the router, which enforces the decision by allowing or denying access.
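The admission flow described above, modelled as an added example that is not Cisco code or a Cisco API: an endpoint's reported anti-virus posture goes through the router to a policy server, and the router enforces the returned decision. All class, function and field names, the policy minimums, the sample endpoints, and the choice to quarantine an endpoint that sends no posture report are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical policy minimums (constructed values, not Cisco defaults).
POLICY = {"av_version": (8, 0), "definitions": 20240101, "scan_engine": (5, 2)}

@dataclass
class Posture:
    """Security status an endpoint agent reports (field names are assumptions)."""
    av_version: tuple
    definitions: int      # definition date as YYYYMMDD
    scan_engine: tuple

def policy_server_decide(credential_ok: bool, posture: Optional[Posture]) -> dict:
    """Policy-server role: turn credentials and posture into an access decision."""
    if not credential_ok:
        return {"action": "deny", "reasons": ["credential rejected"]}
    if posture is None:
        # No agent answered, so posture is unknown: assumed to mean quarantine.
        return {"action": "quarantine", "reasons": ["no posture report"]}
    reasons = [f"{name} below policy minimum"
               for name, minimum in POLICY.items()
               if getattr(posture, name) < minimum]
    return {"action": "quarantine" if reasons else "allow", "reasons": reasons}

class Router:
    """Enforcement-point role: relays posture, then applies the decision."""
    def __init__(self):
        self.access = {}  # endpoint id -> enforced action

    def admit(self, endpoint_id: str, credential_ok: bool,
              posture: Optional[Posture]) -> dict:
        decision = policy_server_decide(credential_ok, posture)
        # Enforce: store the action the policy server returned for this endpoint.
        self.access[endpoint_id] = decision["action"]
        return decision

if __name__ == "__main__":
    router = Router()
    samples = {  # constructed endpoints
        "laptop-ok": (True, Posture((8, 1), 20240315, (5, 2))),
        "laptop-stale": (True, Posture((8, 1), 20230601, (5, 2))),
        "printer-no-agent": (True, None),
        "unknown-user": (False, Posture((9, 0), 20240315, (6, 0))),
    }
    for name, (cred, posture) in samples.items():
        print(name, router.admit(name, cred, posture))
```

The quarantine result carries the list of failed checks, which is what a remediation step would need to repair the endpoint before it is re-evaluated.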