topic Cisco NAC capabilities in Network Security

Cisco NAC capabilities

WILLIAM STEGMAN — Fri, 21 Feb 2020 09:39:45 GMT

I'm tryin to determine if Cisco's NAC appliance would be able to stop someone from plugging in a Wireless AP and get it working as an access point or bridge. Is there a configuration or option within the NAC to do this?

Re: Cisco NAC capabilities

wbreitzke — Wed, 05 Sep 2007 13:50:19 GMT

This document describes how to integrate the Cisco Clean Access (CCA) solution with a Cisco Wireless LAN Controller (referred to hereafter as the controller) to provide guest user access management and posture assessment features for wireless networks. A similar configuration is designed for non-guest user access and posture assessment.

http://www.cisco.com/en/US/docs/wireless/technology/clean_access/technical/reference/cleanAN.html

Re: Cisco NAC capabilities

rtrunk — Mon, 10 Sep 2007 00:05:53 GMT

I can't think of a way to prevent rogue APs with NAC. It's designed to verify host configuration, not infrastructure devices.

There are however, many other ways to detect rogue APs, from simple to complex, and cheap to hideously expensive.

Ron