About Network Admission Control
NAC AAA Components
User Guide for Cisco Secure ACS for Windows Server
14-2
The following list defines the components of the NAC AAA paradigm.
Validation, page
14-3, describes the posture validation process in which these
components are used.
NAC-client computer—A computer running NAC software, as follows:
•
NAC client—The NAC client is the Cisco Trust Agent (CTA)
–
application. CTA collects data directly from the computer and from any
NAC-compliant applications installed on the computer. It uses this data
to create a set of attributes that contain information about the posture of
the computer. These attributes are also called credentials. For more
information about credentials, see
Attributes, page
NAC-compliant applications—Applications that integrate with the
–
NAC client. Examples of such applications are Cisco Security Agent and
anti-virus programs from Network Associates, Symantec, or Trend
Micro. These applications provide the NAC client with attributes about
themselves, such as the version number of a virus definition file.
•
AAA client—A network access device, such as a router, whose operating
system supports NAC.
•
Cisco Secure ACS—Performs posture validation of the NAC-client
computer, using either internal policies, external policies, or both. When
external policies are used, Cisco Secure ACS forwards posture validation
requests to a NAC server.
NAC server—Performs posture validation of the NAC-client computer when
•
Cisco Secure ACS is configured to use external policies.
Remediation server—Provides support to NAC-client computers needing
•
repairs or updates to comply with network admission requirements.
Chapter 14
About NAC Credentials and
14-11.
Network Admission Control
Posture
78-16592-01