Cisco NAC Appliance Enforcing Host Security with Clean Access
, by Heary, Jamey; Lin, Jerry; Sullivan, Chad; Agrawal, Alok- ISBN: 9781587053061 | 1587053063
- Cover: Paperback
- Copyright: 8/6/2007
About the Author
Jamey Heary, CCIE No. 7680, is currently a security consulting systems engineer at Cisco Systems, Inc., and works with its largest customers in the Northwest United States. Jamey joined Cisco in 2000. He currently leads its Western Security Asset team and is a field advisor for the U.S. Security Virtual team. Prior to working at Cisco, he worked for the Immigration and Naturalization Service as a network consultant and project leader. Before that he was the lead network and security engineer for a financial firm whose network carries approximately 12 percent of the global equities trading volume worldwide. His areas of expertise include network and host security design and implementation, security regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and Microsoft MCSE. He is also a Certified HIPAA Security Professional. He has been working in the IT field for 13 years and in IT security for 9 years. He has a BS from St. Lawrence University.
About the Contributing Authors
Jerry Lin, CCIE No. 6469, is a consulting systems engineer for Cisco and is based in southern California. He specializes in security best practices. Jerry has worked with a variety of Cisco enterprise customers in areas such as software development, local government agencies, K—12 and universities, high tech manufacturing, retail, and health care, as well as managed web-hosting service provider customers. He holds his CCIE in routing and switching as well as in CCDP and CISSP. Jerry has been working in the IT industry for the past 12 years. During the late 1990s, he worked as a technical instructor. Jerry earned both a bachelor’s degree and a master’s degree in mechanical engineering from the University of California, Irvine.
Chad Sullivan, CCIE No. 6493 (Security, Routing and Switching, SNA/IP), CISSP, CHSP, is a senior security engineer and owner of Priveon, Inc., which provides leading security solutions to customers globally. Prior to starting Priveon, Chad worked as a security consulting systems engineer at Cisco. Chad is recognized within the industry as one of the leading implementers of the Cisco Security Agent product and is the author of both Cisco Press books dedicated to the Cisco Security Agent.
Alok Agrawal is the technical marketing manager for the Cisco NAC Appliance (Clean Access) product. He leads the technical marketing team developing technical concepts and solutions and driving future product architecture and features. He works with the Cisco sales and partner community to scale the adoption of the NAC Appliance product line globally. Prior to joining the Cisco Security Technology Group, he worked in the switching team of the Cisco Technical Assistance Center. He has a strong background in routing and switching and host security design and implementation. Alok holds a master’s degree in electrical engineering from the University of Southern California and a bachelor’s degree in electronics engineering from the University of Mumbai.
Introduction | p. xxii |
The Host Security Landscape | p. 3 |
The Weakest Link: Internal Network Security | p. 5 |
Security Is a Weakest-Link Problem | p. 6 |
Hard Outer Shell with a Chewy Inside: Dealing with Internal Security Risks | p. 7 |
The Software Update Race: Staying Ahead of Viruses, Worms, and Spyware | p. 9 |
Summary | p. 10 |
Introducing Cisco Network Admission Control Appliance | p. 13 |
Cisco NAC Approaches | p. 13 |
NAC as an Appliance | p. 13 |
NAC as an Embedded Solution | p. 15 |
Cisco NAC Integrated Implementation | p. 16 |
Cisco NAC Appliance Overview | p. 16 |
Cisco NAC Return on Investment | p. 17 |
Summary | p. 18 |
The Blueprint: Designing a Cisco NAC Appliance Solution | p. 21 |
The Building Blocks in a Cisco NAC Appliance Design | p. 23 |
Cisco NAC Appliance Solution Components | p. 23 |
Cisco NAC Appliance Manager | p. 24 |
Cisco NAC Appliance Server | p. 25 |
Cisco Clean Access Agent | p. 28 |
Cisco NAC Appliance Network Scanner | p. 29 |
Cisco NAC Appliance Minimum Requirements | p. 30 |
Cisco NAC Appliance Manager and Server Requirements | p. 31 |
Cisco Clean Access Agent Requirements | p. 32 |
Scalability and Performance of Cisco NAC Appliance | p. 33 |
Summary | p. 33 |
Making Sense of All the Cisco NAC Appliance Design Options | p. 35 |
NAC Design Considerations | p. 35 |
Single-Sign-On Capabilities | p. 36 |
In-Band Versus Out-of-Band Overview | p. 36 |
Layer 2 Versus Layer 3 Client Adjacency Overview | p. 37 |
Virtual Gateway Versus Real IP Gateway Overview | p. 37 |
Deployment Options | p. 38 |
Table of Contents provided by Publisher. All Rights Reserved. |
The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.