Nac Overview - Cisco 7604 Configuration Manual

IOS software configuration guide

Understanding NAC

NAC Overview

NAC is part of the Cisco Self-Defending Network Initiative that helps you identify, prevent, and adapt to security threats in your network. Because of the increased threat and impact of worms and viruses to networked businesses, NAC allows you to check and validate the antivirus status of endpoints or clients before granting network access.

Cisco 7600 series routers support NAC Layer 2 IP validation. NAC Layer 2 IP validation operates on edge switches but uses different methods for validation initiation, message exchange, and policy enforcement than NAC Layer 2 IEEE 802.1x. LAN Port IP does not require IEEE 802.1x support on the host PCs. For a complete list of devices that support NAC, see the NAC release notes.

NAC provides posture validation for routed traffic on Cisco 7600 series routers. Posture validation reduces the network's exposure to viruses. This feature allows network access based on the antivirus credentials of the network device that is requesting network access. These credentials may be antivirus software, a virus definitions file, or a particular virus scan engine version. Based on the antivirus credentials of the host, the requesting device is allowed access to the network or is restricted from network access.

If the client host fails the credential validation, then partial access to the network can be allowed by using the remediation feature. The remediation process redirects HTTP traffic from the client host to a web page URL that provides access to the latest antivirus files. The URL used by the remediation process resolves to a remediation server address defined as a part of the network access policy. The remediation server is where the latest antivirus files are located. These antivirus files can be downloaded or upgraded from this location.

Note: Unless otherwise noted, the term switch refers to Cisco 7600 series routers. Because NAC as described in this chapter is a Layer 2 feature, the term switch is used for Cisco 7600 routers.

Note: Release 12.2(18)SXF does not support NAC Layer 2 IEEE 802.1x.

Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
45-2
Chapter 45
Configuring Network Admission Control
OL-4266-08


This manual is also suitable for: 7613, 7606, 7609-s, 7600 series
