Table of Contents
Advertisement
Features
•
Network Admission Control (NAC) features:
–
–
–
–
TACACS+, a proprietary feature for managing network security through a TACACS server
•
RADIUS for verifying the identity of, granting access to, and tracking the actions of remote users
•
through AAA services
Kerberos security system to authenticate requests for network resources by using a trusted third
•
party (requires the cryptographic universal software image)
Secure Socket Layer (SSL) Version 3.0 support for the HTTP 1.1 server authentication, encryption,
•
and message integrity and HTTP client authentication to allow secure HTTP communications
(requires the cryptographic universal software image)
•
Support for IP source guard on static hosts.
RADIUS Change of Authorization (CoA) to change the attributes of a certain session after it is
•
authenticated. When there is a change in policy for a user or user group in AAA, administrators can
send the RADIUS CoA packets from the AAA server, such as Cisco Secure ACS to reinitialize
authentication, and apply to the new policies.
IEEE 802.1x User Distribution to allow deployments with multiple VLANs (for a group of users) to
•
improve scalability of the network by load balancing users across different VLANs. Authorized
users are assigned to the least populated VLAN in the group, assigned by RADIUS server.
Support for critical VLAN with multiple-host authentication so that when a port is configured for
•
multi-auth, and an AAA server becomes unreachable, the port is placed in a critical VLAN in order
to still permit access to critical resources.
Customizable web authentication enhancement to allow the creation of user-defined login, success,
•
failure and expire web pages for local web authentication.
Support for Network Edge Access Topology (NEAT) to change the port host mode and to apply a
•
standard port configuration on the authenticator switch port.
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
1-12
NAC Layer 2 IEEE 802.1x validation of the antivirus condition or posture of endpoint systems
or clients before granting the devices network access.
For information about configuring NAC Layer 2 IEEE 802.1x validation, see the
NAC Layer 2 802.1x Validation" section on page
NAC Layer 2 IP validation of the posture of endpoint systems or clients before granting the
devices network access.
For information about configuring NAC Layer 2 IP validation, see the Network Admission
Control Software Configuration Guide.
IEEE 802.1x inaccessible authentication bypass.
For information about configuring this feature, see the
Authentication Bypass Feature" section on page
Authentication, authorization, and accounting (AAA) down policy for a NAC Layer 2 IP
validation of a host if the AAA server is not available when the posture validation occurs.
For information about this feature, see the Network Admission Control Software Configuration
Guide.
9-57.
"Configuring the Inaccessible
9-52.
Chapter 1
Overview
"Configuring
OL-12247-04
Advertisement
Chapters
Table of Contents
Troubleshooting
