Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1862
Views
0
Helpful
3
Replies

Network Admission Control (NAC) vs Network Access Control (NAC)

interfacedy
Spotlight
Spotlight

‎09-18-2021 08:23 PM

Hi two terms is same? Network Admission Control (NAC) vs Network Access Control (NAC)

Thanks

0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-19-2021 03:47 AM

The first one is generally used with a now-end-of-sales Cisco product. Reference:

https://en.wikipedia.org/wiki/Network_Admission_Control

Network Access Control is the much more commonly used term these days and includes products such as Cisco Identity Services Engine (ISE). (Although Cisco would contend it is much more than that, one could argue that's a marketing distinction.)

0 Helpful

interfacedy
Spotlight
Spotlight

‎09-19-2021 08:37 AM

Thank you for your reply. Can I say, NAC is not a specific device. Instead NAC is a combination of several kinds of device. ISE is one of its conponents? If we want to configure NAC, where to configure it? 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to interfacedy

‎09-19-2021 09:30 PM

Network Access Control is not a precisely defined term such as we would see from a standards body. Rather it is a loosely defined term that describes any set of methods that combine to control access to the network.

For instance, one could argue that the very basic port-security command is a form of network access control since we can use it to limit the devices that can connect to a given switch port.

Cisco ISE provides NAC in a much broader context, allowing us to incorporate context such as what device, which user, what location, what is the posture status of the device, time of day etc. all in the process of authorizing network access and also including fine-grained control over what type of access in the authorization result.

How to configure NAC in the case of ISE is the subject of numerous how-to guides and far to lengthy to describe here. You can have a look at the extensive prescriptive deployment guides posted elsewhere in the community. Start here:

https://community.cisco.com/t5/security-documents/tkb-p/4561-docs-security

and search for "descriptive deployment guide".

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card