You do not have the Flash plugin installed, or your browser does not support Javascript (you should enable it, perhaps?)

Network Admission Control (NAC) strengthens an organisations security posture by enforcing security policies on all known and unknown devices that attempt to connect to the corporate network. Cisco NAC can ensure that only trusted and compliant endpoint devices such as company issued laptops, PDAs and workstations are granted access to the network whilst restricting access to non-compliant or unknown devices such as those used by guest users and contractors.

Cisco NAC delivers role-based access controls to determine all forms of network access. Network Administrators are given the flexibility to dynamically assign users to VLANs according to both user profile and security posture. By directly interacting with the network switching fabric, Cisco NAC can dynamically move users into role-based VLANs according to their job functions. For example, Finance users are dynamically assigned to a Finance VLAN whereas IT Administrators are assigned to an IT Admin VLAN. This allows an organisation to separate users based on their role, and ensures that Security controls can be assigned to users without causing end-to-end performance degradation.

In addition to allocating users to dedicated VLANs, Cisco NAC can posture check clients before they are connected to the network. This allows IT Administrators to check for the presence of Anti Virus engines and up-to-date antivirus signatures. In addition, it can check for Critical OS updates, the presence of spyware and perform vulnerability analysis against any connecting device. As well as conducting posture assessment against a client, Cisco NAC also has an inbuilt mechanism for remediating clients. As a consequence, only devices that fit an “approved” security posture are allowed to join the network.

….What this means is that if a client tries to connect to the network that does not have up-to-date antivirus signatures, it is posture assessed and receives AV updates distributed through the NAC infrastructure, before network access is granted.

Cisco NAC works with both Wireless & traditional Wired LAN environments. Upon successful posture assessment, the LAN environment dynamically updates to allow users access to the infrastructure without having to pass traffic through the NAC enabled appliances.

Nettitude is a Cisco Advanced Security Partner, specialising in the deployment of complex yet secure network infrastructures. As well as working extensively with the Cisco Security product set, Nettitude’s consultancy led engagements also allow us to integrate Cisco NAC with multi-vendor offerings.