- Chinese Internet censorship: An inside look
- Desktops of the future here today
- What network CEOs really make
- DoD sold counterfeit network gear
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
Discover how Wait-Time Analysis, a new approach to application and database performance optimization, allows IT professionals to fine-tune applications based on service levels. With this management tool you will find all root causes of problems impacting customers and identify the resources that will resolve that problem. Learn more today.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
Watch this webcast to learn in six modules how to more cost effectively consolidate your Windows servers with virtualization. This unique program allows you to pick and choose which of the six modules you would like to view or watch the entire webcast at once. Topics covered: Performance, Use Cases, Enterprise-level Support, Managing Windows Workloads, Setup and Configuration and The Future. Find out how you can simplify server consolidation within your organization today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Most Westerners don't realize that most Chinese don't care about censorship, or even approve of it. There...- Anonymous
Part 2 of 2. In second part of our look at important network-access control issues, we take a look at important questions surrounding Cisco, NAC implementation and NAC policies. Review part 1 here.
Shouldn’t I just wait for Cisco?
Should I deploy a NAC appliance in-line or out-of-band?
What is the best method of enforcing NAC policies?
Shouldn’t I just wait for Cisco?
There’s really no need to wait because depending on what you want out of NAC, Cisco may already have it.
And if Cisco doesn’t yet offer what you want, there is still no need to wait because you can get alternatives from other vendors.
Cisco has a NAC appliance that can check devices before they get network access for virus software that it is updated and turned on and whether patch levels meet policy.
That said, the device is criticized by some for what it cannot do. “Cisco remains behind many of the other vendors in this space because of the inability to perform assessment checks beyond initial connection,” says Mandy Andress in her recent review of the appliance for Network World.
For example, the device does not perform periodic rechecks of devices once they have been admitted to the network to make sure they maintain their security posture.
The Cisco NAC Appliance does afford multiple enforcement methods, including placing the device inline with traffic where it can restrict traffic directly, having it work in tandem with 802.1X authentication or running it out of band where it controls an access switch. It can also enforce NAC for devices attaching via SSL or IPSec VPN through Cisco gear.
There are other appliances from other vendors that do more, and if Cisco’s appliance comes up short, these others can fill the bill.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
