Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1051
Views
0
Helpful
8
Replies

NAC-CAS vs. NAC-NM

Go to solution
kostica
Level 1
Level 1

‎02-06-2009 01:16 AM - edited ‎02-21-2020 03:16 AM

Hi,

I have central site with 50 users, without branches. Can I deploy just NAC-NM instead of CAS and if I use NAC-NM in 2811 ISR is there any bandwidth limitation when it is compared to CAS solution? In general, what is throughput for CAS (3310) and what for NAC-NM ???

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
clausonna
Level 3
Level 3
In response to kostica

‎02-17-2009 08:46 AM

Yes, the NM will work in inline mode, but as with all CAS's it can support only one mode (inline or OOB) at a time.

We're desigining our inline CAS-NM solution now in our lab, and I had similar concerns regarding throughput. I opened a TAC case and was assured that the NM CAS can do full gig throughput. Our testing showed that our router platform (an ISR 2821) can only do about 20mbps, though, even with all features turned off.

View solution in original post

0 Helpful
8 Replies 8

Go to solution
cdusio
Level 4
Level 4

‎02-07-2009 05:09 AM

The 3310 can handle up to ~ 1 Gig in in-band deployment. OOB is handled as a licensing restriction same as the NAC-NM

The NAC-NM is licensed per user but it does OOB... It's based on simultaneous users...

All NAC products are licensed by this feature so that same licensing is required for a CAS as well.

-HTH

0 Helpful

Go to solution
kostica
Level 1
Level 1
In response to cdusio

‎02-08-2009 11:50 PM

It's clear that number of users with NAC-NM is limited by the licence, 50 or 100 users. But is there any impact on traffic congestion when I put module in ISR? Does it affect availability of my servers for example?

0 Helpful

Go to solution
cdusio
Level 4
Level 4
In response to kostica

‎02-09-2009 06:55 AM

By servers are you talking about servers at the local side? Normally that would not be an issue as once end stations are authenticated, the NAC is not in the way anymore. Same would apply to servers over the WAN.

0 Helpful

Go to solution
kostica
Level 1
Level 1
In response to cdusio

‎02-10-2009 01:23 AM

I'm talking about servers at the local side, ok they aren't affected after authentication. But what's the exact throughput of NAC-NM in ISR 2811 in in-band deployment, including throughput of the router itself ???

0 Helpful

Go to solution
cdusio
Level 4
Level 4
In response to kostica

‎02-10-2009 03:40 AM

I don't think I can answer that because I don't see anything out there that says "throughput is this".. It's all about simultaneous users. I did find something that referencecs the fact that the module does connect over HIMI feature which is a gig connection to the router from the service module.

http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps8788/prod_qas0900aecd806bfe39_ps6128_Products_Q_and_A_Item.html

You can check this article on 2811 performance..

http://www.smbdesignweb.co.uk/bbt/download/CiscoISR_2811_v1.pdf

HTH

-C

0 Helpful

Go to solution
kostica
Level 1
Level 1
In response to cdusio

‎02-11-2009 03:19 AM

If ISR works as a bridge, will NAC-NM work in in-band deployment?

0 Helpful

Go to solution
clausonna
Level 3
Level 3
In response to kostica

‎02-17-2009 08:46 AM

Yes, the NM will work in inline mode, but as with all CAS's it can support only one mode (inline or OOB) at a time.

We're desigining our inline CAS-NM solution now in our lab, and I had similar concerns regarding throughput. I opened a TAC case and was assured that the NM CAS can do full gig throughput. Our testing showed that our router platform (an ISR 2821) can only do about 20mbps, though, even with all features turned off.

0 Helpful

Go to solution
kostica
Level 1
Level 1
In response to clausonna

‎02-18-2009 12:13 AM

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card