| Clear Choice Test: NAC | |||||||||
|
|||||||||
Score: 3.03
Buyer's Guide: Network Access Control
Jamey Heary's blog, author of Cisco NAC Appliance
Cisco warns of vulnerabilities in NAC product
01/04/07
CISCO SUBNET: Network World presents the independent voice of Cisco customers
Cisco exec shares virtualization vision
Cisco's new CTO talks first impressions
20 useful sites for Cisco networking professionals
Free Cisco Press book chapters
Cisco Subnet bloggers: Brad Reese on Cisco | Jeff Doyle on IP routing | Wendell Odom on Cisco certs | Jamey Heary on Cisco security
Quiz: How much do you know about Cisco
Networking how-tos and hints and tips from our Cisco Subnet bloggers
Cisco unveils services approach to enterprise mobility
RE: Coming soon. Changes to NetworldWorld.com
cyberbullying article june, 2007
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cost: Pricing starts at $18,000 for Clean Access Server and Clean Access Manager.
Cisco’s NAC Appliance 4.1 (formerly called Cisco Clean Access) provides basic network-access-control functionality, such as antivirus and patch-status checks, but remains behind many of the other vendors in this space because of the inability to perform assessment checks beyond initial connection.
We reviewed CCA 3.4 in 2005 and beyond increased coverage for the antivirus market and new support for Windows Update services, we can’t point to any significant enhancements in the endpoint assessment or reporting areas between the two versions. Cisco’s biggest changes occurred in the authorization/authentication arena with the addition of single sign-on with Active Directory and integration with its Cisco VPN Concentrator product. From an enforcement perspective, Cisco now includes the ability to launch a remediation program if an endpoint fails its integrity check. None of these additions are particularly innovative, but rather are features that exist across the set of products tested.
The product has two main components and agent software. The Clean Access Manager provides centralized management features, while the Clean Access Server (CAS) provides the distributed enforcement capabilities. You can have multiple CASs deployed across your network, all managed through the single platform, which is a fairly typical scalability standard across the field of NAC products tested.
For testing, we placed the appliance running CAS in-line between the access and distribution layers of the network, which is typical of the in-line products tested.
Many other LAN-deployment options are available, such as placing it in an 802.1X-based network (see how that works in the NAC architecture test) or running it out-of-band, where it controls an access switch. Cisco NAC Appliance can also tap into Cisco’s VPN Concentrator to provide posture assessments and enforcement for remote-access users, which provides single sign-on for users. We verified this integration with IPSec only. Cisco also claims SSL VPN integration.
Note: Register to have your user name appear; otherwise your comment will show up as "Anonymous."
*Anonymous comments will only appear once they are approved by the moderator.
Copyright 2008 Network World Inc.
|
Does Verizon's Voyager stack up to the iPhone? |
5 IT skills that won't boost your salary
[1,407]
Women 4 times more likely than men to cough up personal info
[589]
Japan's 10 funniest tech-related commercials [Videos]
[407]
Throwing away a promo CD is "unauthorized distribution"?
[1,265]
Adults too quick to dismiss educational video games
[682]
Attack of the iPhone clones [Slideshow]
[578]
10 things IT needs to know about AJAX
[1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow]
[409]
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Review: Cisco NAC lags competitors in advanced features By Cisconet on July 30, 2007, 2:26 pm Reply | Read entire comment Network-access control is a buzzword of epic proportion. And as is the case with much of larger-than-life industry vernacular, products with even the slightest aspect...
CIsco NAC: Did Cisco get a fair shake at the test? By Cisconet on August 22, 2007, 1:25 pm Reply | Read entire comment The man who wrote the book about Cisco NAC doesn't think so. Read what Jamey Heary, author of Cisco NAC Appliance, and Cisco Subnet blogger had to say about the...
All comments (2)