Implementation of Network Admission Control
Abstract (Summary)

This degree project concerns the implementation of Cisco Systems Network Admission Control (NAC) at a leading IT company in the Jönköping region. NAC is a technique used for securing the internal network from the inside. NAC can verify that a client connecting to the network has the latest antivirus updates and the latest operating system hotfixes. Clients that do not meet the criteria can be placed in a quarantine VLAN where they only have access to the update servers. There are also functions that handle VLAN assignment for users.

The assignment was to produce a solution for an implementation of NAC in the company's computer network. The questions asked were whether and how NAC could be implemented in the company's computer network.

An analysis was made of the company's computer network to see whether it met the requirements for implementing NAC. The analysis showed that functions needed for a working NAC solution were missing. The computer network was rebuilt from scratch to meet the new demands of NAC. After completion of the new computer network, the NAC solution took shape. This was done in consultation with the company to get a clear picture of its needs. The discussion led to a so-called "Out-of-band virtual gateway" solution. In this solution, the client is placed in an authentication VLAN when connecting to the computer network, after which an authentication process begins. During this process the client is checked to verify that the criteria are fulfilled; if so, the client is moved to its access VLAN.

These solutions increase the internal security of the computer network and reduce the risk of viruses spreading within the network.
School: Högskolan i Jönköping
Source Type: Master's Thesis
Keywords: nac caa cas cam cisco
Date of Publication: 08/06/2007