Solved

Controlled Ports: Cisco Clean Access

Posted on 2011-03-16
3
294 Views
Last Modified: 2012-06-21
Hi,

1) Most of the ports in a company are controlled ports
2) All Desktops and Laptops which are connected to the company's network ports, should install a client which are called "the Cisco Clean Access"
3) There are problems with some ports:
-The workstation or laptop there are STILL getting the IP address, but they can not get to the network or internet at all
4) I saw the consultant "popped up" the management console of the Cisco Clean Access"
- Where they can go to the switches where the network ports are connected
- She click "update" in the management console, and the ports are functioning well again
5) My questions:
How to get the Management Console of the Cisco Clean Access? What software to be installed? Is there any certain configuration to be made for it? Please also explain any other related issues related to it
6) Thank you

tjie
0
Comment
Question by:tjie
3 Comments
 
LVL 17

Accepted Solution

by:
surbabu140977 earned 255 total points
Comment Utility
Cisco NAC Appliance is a network-centric integrated solution administered from the Clean Access Manager web console and enforced through the Clean Access Server and (optionally) the Agent.

So what you are seeing is the web console of your NAC deployment and it's negative that any other person would be allowed to access apart from your network administrator.

The NAC(Network access control) is the heart of your organization's security and you can well forget about operating the console if you are not authorized.

Best,


0
 

Author Comment

by:tjie
Comment Utility
surbabu140977,

1) Yeep, it seems your answers are in the right direction ....
2) Let me ask more tp clarify it ...
3) ++++++ .... enforced through the Clean Access Server and (optionally) the Agent.++++++
      @ Is there ANY clean access server?
      @ If Yes, This Clean Access Serve will be installed in What Operating System? (The Linux box or Windows Operating System?) (Is like the BigBrother or Xymon that should be installed in the Linux Box?)

4) ++++++ So what you are seeing is the web console of your NAC deployment ....++++++
      @Would you explain a little bit of this?
      @ Is it something like "Web Server"?
      @ Or a part of IIS (Internet Information Server)?
5) Thank you

tjie
0
 
LVL 18

Assisted Solution

by:decoleur
decoleur earned 245 total points
Comment Utility
to answer your questions:

Yes, it sounds like there is a clean access server on your network that enforces policy on switch ports. It is a linux solution that is managed by the administrators responsible for admin. IT is highly customizable and can require an agent to be installed or a machine to be authenticated before allowing network access.

NAC is typically used to secure network access and require that all users that connect to the network meet predefined requirements before being allowed to access resources.

The reason that some ports allow access and others do not has to do with how the clean access solution is configured and that the hosts trying to access resources haven't gone through the appropriate verification process.

There are a couple uses for web interfaces in a NAC deployment without more information I can describe specifically what you are seeing.

most likely you are being prompted to present your credentials to gain access to the network, not the NAC admin interface. If you are not an authorized user NAC doesn't let you out of the gates.

what are you trying to find out. It seems like you are looking for answers to specific questions that have not really been asked, yet.

hope this helps,

-t
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Suggested Solutions

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now