Nac, Nad | IBM Tivoli and Cisco specs

IBM Tivoli Security Compliance Manager see Security Compliance Manager

identity

... based networking services 95 Identity Manager

Access Control Server provisioning 25 IEEE 802.1x 16, 22, 26, 68, 81, 95, 265

credentials 112 in-band 45

... vs. out-of-band 456

NAC Appliance deployment 303 infected 60

system posture token 114 initiation phase 35 installation

... of Cisco Trust Agent 190 integrity 30

Internet

access proxy 34 IOS router

useful commands 452 IP telephony devices 300 IP-connected printers 300 IPSec 16

machine authentication 112 manual remediation 116 MASS 14, 63

matching rule 174

Method for Architecting Secure Solutions 14, 63 mobile user 96

monitoring 226

NAC

see network admission control NAC Appliance 17, 45, 82, 475

Clean Access Agent configuration 334

comparing with NAC Framework						17
components		455
configuration		303
default login page 315
port profile	320
SNMP receiver			323
switch configuration				352
switch group		316
switch profile		319
traffic policy 329
user roles	327
NAC Framework		80, 476
comparing with NAC Appliance						17
configuration		214
NAC L2 802.1x
switch configuration				291
NAC L2 IP
switch configuration				291, 295
NAC L3 IP
router configuration				291, 298
NAD
see network access device
network
access control
requirements			96
access decision			99
access filtering			217, 287
access profile		112, 271, 289
administrators involvement 26
admission
check	106
policy	103
bandwidth	35
design factors		33
device group		112, 229
enforcement subsystem					213
identity provisioning				24
infrastructure		26
deployment			291
interface configuration					301
performance		34
perimeter security				80
policy enforcement				60
protocol layer 2			33
security 63, 96, 473
step-up security			24
zone 64
network access device				35–36, 43, 54, 101
configuration		58

490Building a Network Access Control Solution with IBM Tivoli and Cisco Systems