Network Admission Control (NAC) is a Cisco Systems sponsored industry initiative that uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from viruses and worms.
Using NAC, organizations can provide network access to endpoint devices such as PCs, PDAs, and servers that are verified to be fully compliant with established security policy. NAC can also identify noncompliant devices and deny them access, place them in a quarantined area, or give them restricted access to computing resources.
NAC is part of the Cisco Self-Defending Network, an initiative to increase network intelligence in order to enable the network to automatically identify, prevent, and adapt to security threats.
NAC offers the following benefits:
- Comprehensive span of control - All of the access methods that hosts use to connect to the network are covered, including campus switching, wireless, router WAN links, IP Security (IPSec) remote access, and dialup.
- Multivendor solution - NAC is the result of a multivendor collaboration between leading security vendors, including antivirus, desktop management, and other market leaders.
- Extension of existing technologies and standards - NAC extends the use of existing communications protocols and security technologies, such as Extensible Authentication Protocol (EAP), 802.1x, and RADIUS services.
- Extension of existing network and antivirus investments - NAC combines existing investments in network infrastructure and security technology to provide a secure admission control solution.
Network Admission Control is a strategic program in which Cisco shares technology features with approved program participants. Participants design and sell third-party client and server applications that incorporate these features that are compatible with the Network Admission Control (NAC) infrastructure.
