NAC Server without NAC manager

ashok.jaiswal · ‎12-05-2011

Hi,

Would like to know whether NAC server (NAC appliance 3355) is enough to provide NAC functionality without NAC manager in the network for one location say Datacenter.

Regards,

Ashok

danielfycosta · ‎12-07-2011

Hello Ashok!

Unfortunately the Cisco NAC solution needs both Clean Access Server (CAS) and Clean Access Manager (CAM) in order to work properly. Since the CAM retains all security policies and the CAS actually implies them into the network.

So you'll need at least one appliance of each, CAS and CAM, to have Cisco NAC solution working.

Regards, Dan

game123 · ‎01-13-2014

Well, as per the solution guide and style of work of NAC systems, atleast 1 CAM is required. Although TRAFFIC is supposed traverse through CAS / NAS appliances but you can configure and work through CAM GUI only .

Hope this helps.

regards,

-K-

sumirkum · ‎12-11-2011

Hi Ashok,

You can use a single CAS in the network in a single location in case you have a centralized CAM for multiple locations but you would need atleast one CAM to manage all the CAS servers as all the settings and policies for CAS are stored in CAM.

Moreover, the CAS product licenses are generated based on the eth0 MAC address of the CAM, so atleast one CAS is essential.

http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/48/48rn.html#wp39625

HTH!

Regards,

Sumir