Already a member?
Sign in
Welcome! Wikis are websites that everyone can build together. It's easy!
30 Network Admission Control
NETWORK ADMISSION CONTROL
Taping Date: February 6, 2008
Air Date: March 6, 2008
Register Here
Guests:
Alok Agrawal, TME Manager from the Cisco NAC BU
David Anderson, PM from the Cisco NAC BU
Book Recommendation
Cisco NAC Appliance: Enforcing Host Security with Clean Access
Success Story:
University Virtually Eliminates Infections from Internal Users
Virginia Commonwealth University (VCU) recently implemented a comprehensive Cisco security architecture, including ASA, IPS, MARS, SSL VPN and NAC Appliance to protect its data and infrastructure. The video features VCU's Cisco NAC deployment and how it helps control network access, immediately identify copyright violations, and has reduced infections from internal users by approximately 90%.
Segmentation:
Segment 1: NAC Foundational Concepts
Segment 2: Server Deployment Modes
Segment 3: Topology and Design
Segment 4: Behavioral Profiling
Links: (some may require a CCO login)
The Chalk Talk Series is a great follow on for finding more detailed info in both audio and video form.
NAC Appliance Product Page
Cisco NAC Appliance
Show Description:
In its most basic form, the concept of Network Admission Control (NAC) is quite simple: Define and enforce a security policy that establishes a minimum set of standards that must be met prior to allowing entry to the network. Simple in theory, much more complex in its execution.
NAC is not a one shot installation. It eventually should involve your entire infrastructure and address every point of entry. This usually translates into a phased approach that may involve addressing your riskiest threat vectors first followed by a gradual rollout as time and budgets allow.
Your network and your goals are unique however and these factors will dictate where and how you get started or ultimately finish.
There are details that often get left out of the standard sales pitch. Understanding the impact of your design decisions can make the difference in a project you are proud to reference and not one you would like to sweep under the rug.
This episode is about asking the hard questions as we explore the various technical options available in a mature, goal oriented, NAC implementation.
Seems that every network design question comes with the engineer’s favorite answer: it depends. What does it depend on? That’s what we cover today.
You will walk away with the following questions answered:
1. Is NAC ready for YOUR particular network?
2. What are the four deployment modes you should consider?
3. What are the design implications for VPN, Wireless, Remote Sites or a Campus?
4. What happens when things fail?
5. How do you account for non-PC devices without a bunch of manual work-arounds and dangerous choices?
Cisco NAC Blog
Interesting Articles:
Is NAC Dead
NAC Gains Traction
“What Businesses want from NAC”
In a recent NAC survey of businesses, the Aberdeen Group listed the top requirements that the respondents had for NAC. The top technology requirements were: preventing unauthorized users and machines from accessing the network; logging all access events and recording them centrally; enforcing policies on remote users; and quarantining unhealthy machines.
The Survey
Questions - Why were certain items ranked lower....?
Is NAC Dying?
Great set of NAC Articles at Dark Reading
| SPOTLIGHT |
Taping Date: February 6, 2008
Air Date: March 6, 2008
Register Here
Guests:
Alok Agrawal, TME Manager from the Cisco NAC BU
David Anderson, PM from the Cisco NAC BU
Book Recommendation
Cisco NAC Appliance: Enforcing Host Security with Clean Access
Success Story:
University Virtually Eliminates Infections from Internal Users
Virginia Commonwealth University (VCU) recently implemented a comprehensive Cisco security architecture, including ASA, IPS, MARS, SSL VPN and NAC Appliance to protect its data and infrastructure. The video features VCU's Cisco NAC deployment and how it helps control network access, immediately identify copyright violations, and has reduced infections from internal users by approximately 90%.
Segmentation:
Segment 1: NAC Foundational Concepts
Segment 2: Server Deployment Modes
Segment 3: Topology and Design
Segment 4: Behavioral Profiling
Links: (some may require a CCO login)
The Chalk Talk Series is a great follow on for finding more detailed info in both audio and video form.
NAC Appliance Product Page
Cisco NAC Appliance
Show Description:
In its most basic form, the concept of Network Admission Control (NAC) is quite simple: Define and enforce a security policy that establishes a minimum set of standards that must be met prior to allowing entry to the network. Simple in theory, much more complex in its execution.
NAC is not a one shot installation. It eventually should involve your entire infrastructure and address every point of entry. This usually translates into a phased approach that may involve addressing your riskiest threat vectors first followed by a gradual rollout as time and budgets allow.
Your network and your goals are unique however and these factors will dictate where and how you get started or ultimately finish.
There are details that often get left out of the standard sales pitch. Understanding the impact of your design decisions can make the difference in a project you are proud to reference and not one you would like to sweep under the rug.
This episode is about asking the hard questions as we explore the various technical options available in a mature, goal oriented, NAC implementation.
Seems that every network design question comes with the engineer’s favorite answer: it depends. What does it depend on? That’s what we cover today.
You will walk away with the following questions answered:
1. Is NAC ready for YOUR particular network?
2. What are the four deployment modes you should consider?
3. What are the design implications for VPN, Wireless, Remote Sites or a Campus?
4. What happens when things fail?
5. How do you account for non-PC devices without a bunch of manual work-arounds and dangerous choices?
Cisco NAC Blog
Interesting Articles:
Is NAC Dead
NAC Gains Traction
“What Businesses want from NAC”
In a recent NAC survey of businesses, the Aberdeen Group listed the top requirements that the respondents had for NAC. The top technology requirements were: preventing unauthorized users and machines from accessing the network; logging all access events and recording them centrally; enforcing policies on remote users; and quarantining unhealthy machines.
The Survey
Questions - Why were certain items ranked lower....?
Is NAC Dying?
Great set of NAC Articles at Dark Reading
Latest page update: made by robboyd
, Feb 27 2008, 11:06 AM EST
(about this update
About This Update
Edited by robboyd
No content added or deleted.
- complete history)
Edited by robboyd
No content added or deleted.
- complete history)
Keyword tags: None
More Info: links to this page
| Started By | Thread Subject | Replies | Last Post | |
|---|---|---|---|---|
| jsanbower | Layer 3 OOB | 2 | Jan 23 2008, 3:49 PM EST by alokagrawal | |
|
Thread started: Jan 21 2008, 11:45 PM EST
Watch
I would like to get a better public explanation on Cisco's Pro/Cons list of the different deployment options for deploying L3 OOB in a campus environment. Why chose ACLs/VRF/PBR for your deployments and why? What are the deciding factors?
3
out of
3 found this valuable.
Do you?
Keyword tags:
Possible Subjects
|
||||
