
NAC and virtual machines on a pc

alfonso.cornejo
Level 3

Hi to all,

Does anyone know whether, when a computer is connected to the network using the Cisco or the web agent and has passed the authentication process, and the user suddenly starts a virtual machine with another operating system (Linux, Windows, etc.), the NAC solution will recognize this "new computer" and put it through the authentication and remediation process?

Thanks in advance for your help.

Accepted Solution

Traffic coming from the virtual machine OS will have a different MAC address than the host OS. Therefore NAC will detect it as a new device.

If you're using in-band, the virtual machine will go through authentication without disturbing the host OS.

If you're using out-of-band, the switchport will be changed to the authentication VLAN and both OSes will have to go through authentication again.


4 Replies

smalkeric
Level 6

The most common use of virtual environments is for servers, not desktops, and the predominant use of NAC is for enforcing access rules for desktops and laptops, not servers. Those businesses that are using virtual desktops know it and will have to address the problem, but it won't come up in most NAC deployments.

Hi smalkeric,

I see your point, so in this case the NAC solution won't see the virtual machine being started?

I mean, imagine that someone has a laptop with Linux which has passed the authentication process and is connected to the network, and starts a virtual machine with Windows XP that doesn't have installed the antivirus that is requested on Windows machines to get access to the network. Will it be able to connect to the network?

Thanks in advance for your help.

Traffic coming from the virtual machine OS will have a different MAC address than the host OS. Therefore NAC will detect it as a new device.

If you're using in-band, the virtual machine will go through authentication without disturbing the host OS.

If you're using out-of-band, the switchport will be changed to the authentication VLAN and both OSes will have to go through authentication again.

Thanks a lot, Halim, for clearing it up.

Best regards,
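
The accepted answer's point, that a guest OS appears on the switchport as a second MAC address, can be checked from the switch side. The sketch below is an added example, not code from the thread or from any Cisco NAC product: it parses a constructed `show mac address-table` listing, flags ports that learned more than one MAC, and labels addresses whose OUI belongs to a common hypervisor. The function names are hypothetical, and it assumes the guest's adapter is bridged so its own MAC reaches the switch.

```python
import re
from collections import defaultdict

# OUI prefixes commonly assigned to hypervisor virtual NICs.
HYPERVISOR_OUIS = {
    "000569": "VMware", "000c29": "VMware", "005056": "VMware",
    "080027": "VirtualBox", "00155d": "Hyper-V",
    "001c42": "Parallels", "00163e": "Xen", "525400": "QEMU/KVM",
}

# Constructed sample of `show mac address-table` output (not from the thread).
SAMPLE_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0021.5e4a.1b2c    DYNAMIC     Gi1/0/5
  10    000c.29a1.77f0    DYNAMIC     Gi1/0/5
  10    0021.5e4a.9d03    DYNAMIC     Gi1/0/6
  20    0800.27c4.0e11    DYNAMIC     Gi1/0/7
  20    0023.ae10.44b2    DYNAMIC     Gi1/0/7
   1    001b.d4aa.0001    STATIC      CPU
Total Mac Addresses for this criterion: 6
"""

ROW = re.compile(r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s*$", re.I)

def parse_mac_table(text):
    """Return {port: [(vlan, mac)]} for dynamically learned entries only."""
    ports = defaultdict(list)
    for line in text.splitlines():
        m = ROW.match(line)
        if m and m.group(3).upper() == "DYNAMIC":
            ports[m.group(4)].append((int(m.group(1)), m.group(2).lower()))
    return dict(ports)

def hypervisor_vendor(mac):
    """Map a dotted MAC to a hypervisor vendor by its first three octets, else None."""
    return HYPERVISOR_OUIS.get(mac.replace(".", "")[:6])

def ports_with_extra_devices(text):
    """Flag ports where more than one MAC was learned, with a vendor hint per MAC."""
    findings = {}
    for port, entries in parse_mac_table(text).items():
        if len(entries) > 1:
            findings[port] = [(mac, hypervisor_vendor(mac)) for _, mac in entries]
    return findings

if __name__ == "__main__":
    for port, macs in ports_with_extra_devices(SAMPLE_TABLE).items():
        print(port, macs)
```
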
