Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design

Scribed by Helfrich, Denise; Bigbee, Paul; Ronnau, Lou; Forbes, Paul


Publisher: Cisco Press
Year: 2006
Tongue: English
Leaves: 265
Series: Networking Technology
Category: Library


Synopsis


The first introduction to the Cisco NAC solution, this text addresses the security risks of remote and mobile computer users connecting to corporate networks. It enables end-point products to communicate security information, allowing networks to restrict access of non-compliant devices to the rest of the network.

Table of Contents


Cover
Contents
Introduction
What Is Network Admission Control?
Cisco NAC Technology Progression
Accessing a Network That Does Not Implement NAC
Accessing a NAC Network
NAC Benefits
NAC Framework Components
NAD Requirements
Cisco Secure ACS Requirements
NAC Framework Operational Overview
NAC Framework Deployment Scenarios
Summary
Review Questions
NAC Framework Authorization Process
Posture Token Types
Host Credential Information
Arbitrary Information Collection with Cisco Trust Agent Scripting
NAC Agentless Auditing
NAC Modes of Operation
NAC Communication Protocols
Client-Side Front-End Protocols
Server-Side Protocols
NAC-L3-IP and NAC-L2-IP Posture Validation and Enforcement Process
NAC-L3-IP and NAC-L2-IP Status Query
NAC-L3-IP and NAC-L2-IP Revalidation
NAC-L2-802.1X Identity with Posture Validation and Enforcement Process
NAC Agentless Host Auditing Process
ACL Types
Cisco Trust Agent and Posture Plug-in Actions
Summary
Review Questions
Posture Agent Overview
Cisco Trust Agent Architecture
Posture Agent Plug-in Files
Operating System Support
Posture Plug-in Functionality
Cisco Trust Agent Protection
Trusted Quality of Service
Summary
Review Questions
Posture Validation Servers
Cisco Secure Access Control Server
NAC Framework Solution with External Policy Servers
Audit Servers
Policy Evaluation and Choosing a Posture Token
NAC Agentless Hosts and Whitelisting
Authorization
Enforcement Actions
Posture Plug-in Actions
Summary
Review Questions
IEEE 802.1X Technology Overview
Supplicant
Authenticator
IEEE 802.1X Operational Overview
RADIUS
EAP Negotiation
End-to-End EAP
Tunneled Method
Authorization and Enforcement
VLAN Assignment
Default Operation
The Guest-VLAN
IP Telephony
Management Utilities
Supplemental Authentication Techniques
NAC-L2-802.1X Identity with Posture Validation and Enforcement
NAC Supplicants for 802.1X
EAP-FAST
Accounting
Summary
Review Questions
Chapter 6 NAC Layer 3 Operations
Posture Trigger Mechanisms for NAC-L3-IP and NAC-L2-IP
Session Initiation Process
Credential Validation
RADIUS
Cisco Trust Agent
Policy Enforcement
Voice Integration
Impact of Trust Agent Disappearing
Voice Integration Summary
Exceptions to NAC Posture
Summary
Review Questions
NAC Framework Lifecycle Process
Define Your Corporate Security Policy
Planning Phase
NAC Solution Objectives
Documenting Your Existing Infrastructure
Integration Strategy
Operational Strategy
Proof of Concept
Cost Considerations
Design Phase
Network Admission Policy Definition
Solution Scalability and High-Availability Considerations
Implementation Phase
Staging Implementation
Communication to Users
Operation and Optimization Phases
Summary
Review Questions
Policing Your Information Highway
Asset Protection
Detecting Misbehavior and Dealing with It
Value Is in the NAC Partners
Examples of Admission Control Uses
Enforcing Physical Identification for Higher Security Clearance
Enacting Roles-Based Provisioning
Using Customized Shared Resources
Summary
Appendix A: Answers to Review Questions


SIMILAR VOLUMES


Cisco Network Admission Control, Volume
Denise Helfrich, Lou Ronnau, Jason Frazier, Paul Forbes | Library | 2006 | Cisco Press | English

Cisco Network Admission Control, Volume I: NAC Framework Architecture and Design. A guide to endpoint compliance enforcement. Today, a v

Cisco Network Admission Control, Volume
Frahim, Jazib; White, David; Santos, Omar | Library | 2006 | Cisco Press | English

Cisco Network Admission Control Volume II: NAC Framework Deployment and Troubleshooting The self-defending network in action Jazib Frahim, CCIE(r) No. 5459 Omar Santos David White, Jr., CCIE No. 12,021 When most information security professionals think about threats to their networks, they think abo

Cisco Network Admission Control, Volume
Jazib Frahim, Omar Santos, David White Jr | Library | 2006 | Cisco Press | English

Cisco Network Admission Control, Volume II: NAC Framework Deployment and Troubleshooting. The self-defending network in action. Jazib Fr

Cisco Network Admission Control, Volume
Omar Santos, Jazib Frahim | Library | 2005 | Cisco Press | English

Secure the network edge with the premier book on NAC deployment and management * The first book on deploying and managing the Cisco NAC solution * Addresses the security risks of remote and mobile computer users connecting to corporate networks * Enables end-point products (i.e. PCs, servers, and PD