beautypg.com

The nac appliance – IBM Tivoli and Cisco User Manual

Page 493

background image

Appendix B. Network Admission Control

475

support for a complex security implementation involving a number of security
vendors, combined with a corporate desktop management solution.

The NAC Appliance, available as Cisco Clean Access, provides rapid
deployment with self-contained endpoint assessment, policy management, and
remediation services. In addition, the NAC Framework integrates an intelligent
network infrastructure with solutions from more than 50 manufacturers of leading
antivirus and other security and management software solutions.

The NAC Appliance

The NAC Appliance products, delivered through the Cisco Clean Access product
line, provide rapid deployment with self-contained endpoint assessment, policy
management, and remediation services. This rapidly deployable

solution-in-a-box

technology automatically detects, isolates, and cleans infected

or vulnerable wired or wireless endpoints attempting to access a network.

Cisco Clean Access provides three critical protection functions:

Recognizes users, their devices, and their roles in the network, at the point of
authentication authorization

Evaluates the security posture of endpoints using either scanning and
analysis technology or a lightweight agent for deeper posture assessment, to
check for vulnerabilities

Enforces security policy in the network by blocking, quarantining, and
repairing noncompliant endpoints

Cisco Clean Access also provides the following implementation benefits:

Scalability - Cisco Clean Access can be deployed immediately to address
network admission needs while designing and evaluating the NAC
Framework, since Cisco Clean Access components can be integrated into the
broader NAC Framework architecture.

Rapid deployment - Cisco Clean Access is a

shrink-wrapped

, out-of-the-box

solution with pre-installed support for antivirus, antispyware, and Microsoft
updates.

Flexibility - Cisco Clean Access supports a heterogeneous network
infrastructure with multiple desktop operating systems.

Network characteristics that are ideal for selecting Cisco Clean Access include:

A non-802.1x LAN environment

Wireless, branch, remote, or simple LAN environments

Centralized IT environment and management

See also other documents in the category IBM Hardware: