Overview 5
This chapter provides a brief description of how the eTrust Agent for Cisco
Network Admission Control (NAC) works and lists the Computer Associates
applications that are currently NAC-enabled. In addition, this chapter describes
system requirements and product components.
Note: This document assumes that Cisco NAC is fully installed and running in
your network environment. For information about Cisco NAC, refer to the
following Cisco documents:
Network Admission Control (NAC) home page:
http://www.cisco.com/en/US/netsol/ns466/networking_solutions_sub_so
lution_home.html
NAC User Guide for Cisco Secure ACS 3.3
http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_u
ser_guide_chapter09186a0080233612.html
NAC Attribute Management
http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_u
ser_guide_chapter09186a0080233621.html#wp617627
How the eTrust Agent for Cisco NAC Works
The eTrust Agent for Cisco NAC discovers the posture attributes for Computer
Associates applications on an end-point device that attempts to access or use
resources on a network administered with Cisco NAC. The Cisco Trust Agent
(CTA), also located on the end-point device, passes the posture attributes to a
Cisco Access Control Server (ACS). The ACS compares the posture attributes
with a set of policies previously defined by a network administrator. Based on
the results of the comparison, the end-point device may either be granted full
primary network access or placed into a separate virtual network, where the
device can go through a remediation process before it is allowed to connect to the
primary network.