Re: Cisco NAC Guruz:=>Differentiate In-Band and Out-Of-Band appl

Baerde1234 · ‎06-03-2010

Please clarify for me the exact meaning of In-band and Out-Of-Band as it applies to CAS/CAM to get a user authenticated/validated; specifically mentioning the relevance of "trusted network", "untrusted network", "'virtual gateway" etc. so I can get a clearer picture. I appreciate your help.

Baerde1234 · ‎06-03-2010

Also the exact difference between a Real IP Gateway and a Virtual IP Gateway vis a vis
authentication and certification of a client by the CAS.

Faisal Sehbai · ‎06-04-2010

Esmail,

Inband vs out of band signify the traffic path a client's traffic takes after the authentication/posture-assessment piece has finished. In inband scenarios the traffic always traverses the CAS even after the authentication/PA has happened. In OOB setups, the traffic path is changed and the client traffic goes directly through your core network instead of traversing the CAS. VPN is only supported in IB setups, and Wireless can be OOB only in 4.5.1 and above.

HTH,

Faisal

Baerde1234 · ‎06-07-2010

Thanks for the explanation Faisal. I'm getting more the drift of it now. When I read down further the guide it started to shed me some extra light. In-Band-within the networks NAC primarily funcions(Trusted/Untrusted Network), and out-of-band when NAC finally hands off forwarding to the rest of the non_NAC specific networks.

Cisco NAC Guruz:=>Differentiate In-Band and Out-Of-Band applied to CAS/CAM Trusted/Untrusted Network