NAC by ACS 3.3

remco.gussen
Level 1

Hi there

Is it possible to implement (wireless) NAC by an ACS?

Or do I need a NAC appliance?

GR.

Remco

3 Replies

darpotter
Level 5

Yes, it is possible to implement NAC using ACS. You probably want to use v4.1.

v3.3 was the 1st rev and not feature rich. v4.0 is buggy as hell. From my sources I hear v4.1 is only just now getting to be stable.

There are white papers and stuff on cisco.com if you search for NAC and ACS. On its own ACS can implement policy to check basic facts about the state of the endpoint before granting access (e.g. OS version, service pack etc.).

If you want much more (e.g. virus def state) you probably also need the posture server from your a/v supplier. ACS can "back end" onto quite a few 3rd party solutions.

How does the ACS know what the "basic facts about the state of the endpoint" are? Is it something like this: if the client is Windows XP and the SP is less than SP1, then the client must be placed in the "update" VLAN?

That comes from the Cisco Secure Agent (CSA) installed on the client. This, together with the posture configuration on the ACS, defines the posture of the client (and if it's 802.1x the VLAN it goes into).

BTW, you really want ACS 4.0 as a minimum and preferably 4.1 for the reasons stated.