https://community.cisco.com/t5/network-security/nac-agentless/m-p/708431#M777279 <HTML><HEAD></HEAD><BODY><P>The following NAC configuration will guide you </P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/application/pdf/en/us/guest/products/ps7091/c1626/ccmigration_09186a00806c3da9.pdf" target="_blank">http://www.cisco.com/application/pdf/en/us/guest/products/ps7091/c1626/ccmigration_09186a00806c3da9.pdf</A></P></BODY></HTML> Mon, 05 Feb 2007 16:12:39 GMT fmeetz 2007-02-05T16:12:39Z https://community.cisco.com/t5/network-security/nac-agentless/m-p/708430#M777278 <P>Hi, I would like to know something more about using agentless NAC. We want to use Clean Access Server, but mainly to avoid MAC Spoofing. We think that CAS host scanning engine can help us through. </P><P></P><P>Is it possible to configure CAS to scan ports, so if it founds "something" (a certain port open, a banner, a combination of both,...), it can allow access without the need of authentication? On this way, an attacker that could steal a MAC address (maybe from an IP phone, or a printer) , will have no access due to this "combination" of parameters that host scanning engine must find on the endpoint,</P><P></P><P>Best,</P><P></P><P>JM2008</P><P></P><P> </P> Fri, 21 Feb 2020 09:23:41 GMT https://community.cisco.com/t5/network-security/nac-agentless/m-p/708430#M777278 jmcomas2008 2020-02-21T09:23:41Z https://community.cisco.com/t5/network-security/nac-agentless/m-p/708431#M777279 <HTML><HEAD></HEAD><BODY><P>The following NAC configuration will guide you </P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/application/pdf/en/us/guest/products/ps7091/c1626/ccmigration_09186a00806c3da9.pdf" target="_blank">http://www.cisco.com/application/pdf/en/us/guest/products/ps7091/c1626/ccmigration_09186a00806c3da9.pdf</A></P></BODY></HTML> Mon, 05 Feb 2007 16:12:39 GMT https://community.cisco.com/t5/network-security/nac-agentless/m-p/708431#M777279 fmeetz 2007-02-05T16:12:39Z