iii
Contents
About This Guide
Intended Audience ............................................................................................................................................ vii
Related Documents .......................................................................................................................................... vii
Getting Help ..................................................................................................................................................... viii
Chapter 1: Overview
NAC Solution Overview .................................................................................................................................. 1-1
Key Functionality ...................................................................................................................................... 1-1
Deployment Models ................................................................................................................................. 1-2
NAC Solution Components ............................................................................................................................. 1-4
The NAC Appliance .................................................................................................................................. 1-4
NAC Gateway Appliance ....................................................................................................................1-5
NAC Controller Appliance...................................................................................................................1-5
Appliance Comparison .......................................................................................................................1-7
NetSight Management ............................................................................................................................. 1-9
NetSight NAC Manager ......................................................................................................................1-9
NetSight Console..............................................................................................................................1-10
NetSight Policy Manager ..................................................................................................................1-10
NetSight Inventory Manager.............................................................................................................1-10
RADIUS Server ...................................................................................................................................... 1-10
Assessment Server ................................................................................................................................ 1-10
Summary ...................................................................................................................................................... 1-10
Chapter 2: NAC Deployment Models
Model 1: End-System Detection and Tracking ............................................................................................... 2-1
Implementation ......................................................................................................................................... 2-1
Out-of-Band NAC ...............................................................................................................................2-1
Inline NAC (Layer 2) ...........................................................................................................................2-2
Inline NAC (Layer 3) ...........................................................................................................................2-2
Features and Value .................................................................................................................................. 2-2
Required and Optional Components ........................................................................................................ 2-3
Model 2: End-System Authorization ............................................................................................................... 2-3
Implementation ......................................................................................................................................... 2-4
Out-of-Band NAC ...............................................................................................................................2-4
Inline NAC ..........................................................................................................................................2-4
Features and Value .................................................................................................................................. 2-5
Required and Optional Components ........................................................................................................ 2-7
Model 3: End-System Authorization with Assessment ................................................................................... 2-8
Implementation ......................................................................................................................................... 2-8
Out-of-Band NAC ...............................................................................................................................2-8
Inline NAC ..........................................................................................................................................2-9
Features and Value ................................................................................................................................ 2-10
Required and Optional Components ...................................................................................................... 2-12
Model 4: End-System Authorization with Assessment and Remediation ..................................................... 2-12
Implementation ....................................................................................................................................... 2-13
Out-of-Band NAC .............................................................................................................................2-13
Inline NAC ........................................................................................................................................2-14
Features and Value ................................................................................................................................ 2-14
Required and Optional Components ...................................................................................................... 2-15
Summary ...................................................................................................................................................... 2-16
Содержание 9034385
Страница 1: ...Enterasys Network Access Control Design Guide P N 9034385...
Страница 2: ......
Страница 4: ...ii...
Страница 8: ...vi...
Страница 22: ...Summary 1 12 Overview...
Страница 98: ...Additional Considerations 5 34 Design Procedures...