Cisco Systems G01028-1E manual Overview, How the eTrust Agent for Cisco NAC Works

Chapter 1: Overview

This chapter provides a brief description of how the eTrust Agent for Cisco Network Admission Control (NAC) works and lists the Computer Associates applications that are currently NAC-enabled. In addition, this chapter describes system requirements and product components.

Note: This document assumes that Cisco NAC is fully installed and running in your network environment. For information about Cisco NAC, refer to the following Cisco documents:

Network Admission Control (NAC) home page:

http://www.cisco.com/en/US/netsol/ns466/networking_solutions_sub_so lution_home.html

NAC User Guide for Cisco Secure ACS 3.3

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_u ser_guide_chapter09186a0080233612.html

NAC Attribute Management

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_u ser_guide_chapter09186a0080233621.html#wp617627

How the eTrust Agent for Cisco NAC Works

The eTrust Agent for Cisco NAC discovers the posture attributes for Computer Associates applications on an end-point device that attempts to access or use resources on a network administered with Cisco NAC. The Cisco Trust Agent (CTA), also located on the end-point device, passes the posture attributes to a Cisco Access Control Server (ACS). The ACS compares the posture attributes with a set of policies previously defined by a network administrator. Based on the results of the comparison, the end-point device may either be granted full primary network access or placed into a separate virtual network, where the device can go through a remediation process before it is allowed to connect to the primary network.

Overview 5