Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design

Product Description

Cisco Network Admission Control

Volume I: NAC Framework Architecture and Design

A guide to endpoint compliance enforcement

Today, a variety of security challenges affect all businesses regardless of size and location. Companies face ongoing challenges with the fight against malware such as worms, viruses, and spyware. Today’s mobile workforce attach numerous devices to the corporate network that are harder to control from a security policy perspective. These host devices are often lacking antivirus updates and operating system patches, thus exposing the entire network to infection. As a result, worms and viruses continue to disrupt business, causing downtime and continual patching. Noncompliant servers and desktops are far too common and are difficult to detect and contain. Locating and isolating infected computers is time consuming and resource intensive.

Network Admission Control (NAC) uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from emerging security threats. NAC allows network access only to compliant and trusted endpoint devices (PCs, servers, and PDAs, for example) and can restrict the access of and even remediate noncompliant devices.

Cisco Network Admission Control, Volume I, describes the NAC architecture and provides an in-depth technical description for each of the solution components. This book also provides design guidelines for enforcing network admission policies and describes how to handle NAC agentless hosts. As a technical primer, this book introduces you to the NAC Framework solution components and addresses the architecture behind NAC and the protocols that it follows so you can gain a complete understanding of its operation. Sample worksheets help you gather and organize requirements for designing a NAC solution.

Denise Helfrich is a technical program sales engineer that develops and supports global online labs for the World Wide Sales Force Development at Cisco®.

Lou Ronnau, CCIE® No. 1536, is a technical leader in the Applied Intelligence group of the Customer Assurance Security Practice at Cisco.

Jason Frazier is a technical leader in the Technology Systems Engineering group for Cisco.

Paul Forbes is a technical marketing engineer in the Office of the CTO, within the Security Technology Group at Cisco. 

• Understand how the various NAC components work together to defend your network
• Learn how NAC operates and identifies the types of information the NAC solution uses to make its admission decisions
• Examine how Cisco Trust Agent and NAC-enabled applications interoperate
• Evaluate the process by which a policy server determines and enforces a policy
• Understand how NAC works when implemented using NAC-L2-802.1X, NAC-L3-IP, and NAC-L2-IP
• Prepare, plan, design, implement, operate, and optimize a network admission control solution

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Category: Cisco Press–Security

Covers: Network Admission Control

1587052415120506

Customer Reviews

this book provides a comprehensive view of the Cisco NAC scheme, May 12, 2007 By  Sreedharan Sreejith "raj" (bay area) - See all my reviews    This review is from: Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design (Paperback) This book provides quite a good overview of the NAC technology as well as covers areas like market and deployment models. For someone new to NAC, this book will be a good introduction to the NAC technology and the various terminologies used. NAC, being still an evolving technology, this book addresses only one view of the NAC, and reader may refer to else where to get a more complete picture of the NAC. Also, this book covers the protocols and components used only at a high level, and specific details are missing in the description. Help other customers find the most helpful reviews  Was this review helpful to you?  Report abuse | Permalink  Comment 1 of 2 people found the following review helpful The Biggest Problems Come from Within, January 10, 2007 By  John Matlock "Gunny" (Winnemucca, NV) - See all my reviews    This review is from: Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design (Paperback) It is generally believed that the biggest problems in network security come from the outside, but only sometimes is this true. The biggest loses tend to come from the inside. The people inside your company or organization know more about what there is to steal, how to create the most damage, and furthermore may feel that they have a direct reason to be angry and wanting to cause deliberate damage. The second part of the problem is that todays organizations may have huge networks with many different areas to be protected from many different kinds of people, coming into the systems from many areas withing the organization including other facilities, suppliers, customers, remote salesmen, travelling executives, etc. Cisco NAC Architecture and Design, the first volume in this series covers the protocols, design concepts, networking structure - in general the higher level preliminary setup of the NAC. This volume covers the nuts and bolts of the actual... Read more Help other customers find the most helpful reviews  Was this review helpful to you?  Report abuse | Permalink  Comment

Share your thoughts with other customers:

› See both customer reviews...

Praise For Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design

I highly recommend Cisco Network Admission Control Volume 1: NAC Framework Architecture and Design for anyone who is concerned about securing their network endpoints and corporate assets from compromise locally, on the WAN, and via VPN.
Read the complete review at www.adultspie.com

Index

Download - 63.4 KB -- Index

Downloadable Sample Chapter

Download - 73.7 KB -- Chapter 8: NAC Now and Future Proof for Tomorrow