Home > Articles > Cisco Network Technology > General Networking > The Building Blocks in a Cisco NAC Appliance Design

The Building Blocks in a Cisco NAC Appliance Design

Chapter Description

This chapter focuses on the building blocks available with the Cisco NAC Appliance solution. The purpose and function of each piece is covered, as are the requirements, scalability, and performance of these building blocks.


This chapter examined the various building blocks that make up the Cisco NAC Appliance solution. Those building blocks are as follows:

  • Cisco NAC Appliance Manager
  • Cisco NAC Appliance Server
  • Cisco Clean Access Agent
  • Cisco NAC Appliance Network Scanner

The purpose and function of each piece was covered and can be summarized as follows:

  • NAC Appliance Manager is the administration server. It allows you to centrally manage and monitor your deployment of NAC Appliance Servers and Clean Access Agents.
  • NAC Appliance Server is the policy enforcer, or the policy firewall, between the untrusted networks and the trusted networks. NAC Appliance Server's job is to enforce the security policies created in NAC Appliance Manager.
  • Clean Access Agent is a free software program that resides on client PCs. It is a read-only agent whose job is to gather information about the user and host it is installed on.
  • NAC Appliance Network Scanner allows you to scan hosts to check for known vulnerabilities. It uses the embedded Nessus vulnerability scanning software for this function.

The chapter finished with an overview of the minimum hardware and software requirements and performance metrics of the different building blocks. It was recommended that the newer appliance form factors be used for the NAC Appliance Manager and NAC Appliance Server pieces.