NAC0 pages
Data Sheet
Cisco Network Admission Control (NAC) Solution
New: Updated to include the Cisco Secure Network Server (SNS)
®
Cisco Network Admission Control (NAC) solutions allow you to authenticate wired, wireless, and VPN users and
devices to the network; evaluate and remediate a device for policy compliance before permitting access to the
network; differentiate access based on roles; and then audit and report on who is on the network.
Product Overview
The Cisco NAC Solution is a powerful, easy-to-deploy admission control and compliance enforcement component
®
of the Cisco TrustSec solution. With comprehensive security features, in-band or out-of-band deployment
options, user authentication tools, and bandwidth and traffic filtering controls, the Cisco NAC Solution is a
comprehensive offering for controlling and securing networks. You can implement security, access, and
compliance policies through a central management point rather than configure policies throughout the network on
individual devices.
Features and Benefits
The Cisco NAC Solution is an integral component of the Cisco TrustSec. The Cisco NAC Solution:
●
Prevents unauthorized network access to protect your information assets
●
Helps proactively mitigate network threats such as viruses, worms, and spyware
●
Addresses vulnerabilities on user machines through periodic evaluation and remediation
●
Brings you significant cost savings by automatically tracking, repairing, and updating client machines
●
Recognizes and categorizes users and their devices before malicious code can cause damage
●
Evaluates security policy compliance based on user type, device type, and operating system
●
Enforces security policies by blocking, isolating, and repairing noncompliant machines in a quarantine area
without needing administrator attention
●
Applies posture assessment and remediation services to a variety of devices, operating systems, and
device access methods including LAN, WLAN, WAN, and VPN
●
Enforces policies for all operating scenarios without requiring separate products or additional modules
●
Supports seamless single sign-on through an agent with automated remediation
●
Provides clientless web authentication for guest users
Authentication Integration with Single Sign-On
Cisco NAC works with existing authentication sources, natively integrating with Active Directory, Lightweight
Directory Access Protocol (LDAP), RADIUS, Kerberos, S/Ident, and others. For the convenience of end users,
Cisco NAC supports single sign-on for VPN clients, wireless clients, and Windows Active Directory domains.
Administrators can maintain multiple user profiles with different permission levels through the use of role-based
access control.
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 1 of 1
"