| Clear Choice Test: NAC | |||||||||
|
|||||||||
Score: 3.03
Buyer's Guide: Network Access Control
Jamey Heary's blog, author of Cisco NAC Appliance
Cisco warns of vulnerabilities in NAC product
01/04/07
CISCO SUBNET: An independent Cisco community
Cisco backpedals on WiMAX with Starent buy
Cisco unified communications saves money for Henny Penny
Cisco reportedly taps Microsoft exec to head collaboration
Cisco IronPort data-loss prevention: beta testers share insights
Cisco lays off hundreds in San Jose
Cisco attempts to explain its strategy. In a word: video
Dallas Cowboys deck out new stadium with Cisco video
Cisco multimillionaire goes broke, loses $300 million fortune
Porn plus Facebook can lead to embarrassment, perhaps worse
11/25/09
The mechanism behind a click-jacking attack that was spread by luring in Facebook users with a link to a porn site has the potential to do more damage than just embarrassing those who fall for it.
The evolving branch office
11/25/09
In a recent newsletter we introduced the concept of Application Delivery 2.0. One of the steps that IT organizations are taking in order to support the requirements of application delivery 2.0 is to implement a next generation branch office. As the next three newsletters will demonstrate, the next generation branch office represents a multi-year movement away from branch offices that are IT-heavy to ones that are IT-lite.
SANS official talks security
11/25/09
This is the second of two parts of an interview of Stephen Northcutt by technologist David Greer.
E-Mail article
|
|
Print article
|
|
Contact author
|
Reprint
|
AIM article
|
del.icio.us |
Reddit
|
Digg
|
Stumble
|
Slashdot It!
|
Cost: Pricing starts at $18,000 for Clean Access Server and Clean Access Manager.
Cisco’s NAC Appliance 4.1 (formerly called Cisco Clean Access) provides basic network-access-control functionality, such as antivirus and patch-status checks, but remains behind many of the other vendors in this space because of the inability to perform assessment checks beyond initial connection.
We reviewed CCA 3.4 in 2005 and beyond increased coverage for the antivirus market and new support for Windows Update services, we can’t point to any significant enhancements in the endpoint assessment or reporting areas between the two versions. Cisco’s biggest changes occurred in the authorization/authentication arena with the addition of single sign-on with Active Directory and integration with its Cisco VPN Concentrator product. From an enforcement perspective, Cisco now includes the ability to launch a remediation program if an endpoint fails its integrity check. None of these additions are particularly innovative, but rather are features that exist across the set of products tested.
The product has two main components and agent software. The Clean Access Manager provides centralized management features, while the Clean Access Server (CAS) provides the distributed enforcement capabilities. You can have multiple CASs deployed across your network, all managed through the single platform, which is a fairly typical scalability standard across the field of NAC products tested.
For testing, we placed the appliance running CAS in-line between the access and distribution layers of the network, which is typical of the in-line products tested.
Many other LAN-deployment options are available, such as placing it in an 802.1X-based network (see how that works in the NAC architecture test) or running it out-of-band, where it controls an access switch. Cisco NAC Appliance can also tap into Cisco’s VPN Concentrator to provide posture assessments and enforcement for remote-access users, which provides single sign-on for users. We verified this integration with IPSec only. Cisco also claims SSL VPN integration.
Note: Register to have your user name appear; otherwise your comment will show up as "Anonymous."
*Anonymous comments will only appear once they are approved by the moderator.
Copyright 2008 Network World Inc.
|
Does Verizon's Voyager stack up to the iPhone? |
5 IT skills that won't boost your salary [1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
Network World on Twitter: Get our tweets and stay plugged in to networking news
Review: Cisco NAC lags competitors in advanced features By Cisconet on July 30, 2007, 2:26 pm Reply | Read entire comment Network-access control is a buzzword of epic proportion. And as is the case with much of larger-than-life industry vernacular, products with even the slightest aspect...
CIsco NAC: Did Cisco get a fair shake at the test? By Cisconet on August 22, 2007, 1:25 pm Reply | Read entire comment The man who wrote the book about Cisco NAC doesn't think so. Read what Jamey Heary, author of Cisco NAC Appliance, and Cisco Subnet blogger had to say about the...
All comments (2)