1.2. A Diagram Is Worth a Thousand Descriptions
Although a picture is worth a thousand words, a diagram can help provide a visual definition or description of NAC — especially the different types of NAC solutions and deployment methods. In the following sections, you can find diagrams that illustrate different types of NAC solutions and deployment methods.
The different types of NAC solutions available include
Appliance-based, divided by whether the appliance is inline or out-of-band
Switch- or network equipment-based
Client/host-based
Agent-less or clientless
The various types of NAC deployment methods include
Integrated with, or as an overlay to, network or security infrastructure
Layer 2 or Layer 3 authentication
1.2.1. Appliance-based NAC solutions: Inline or out-of-band
Some NAC solutions are appliance-based, which means that a server, hardened appliance, or a network device of some type needs to reside in the network on which you want to implement the NAC solution. Appliance-based solutions are either inline or out-of-band.
NOTE
An appliance may act as a policy server for the NAC solution, a receptacle in which an organization can define and manage network access and security policies, and then propagate those policies to NAC enforcement points on the network (out-of-band). Sometimes, instead of or in addition to the policies being propagated to enforcement points, these appliances may also enforce the policies. These network devices, whether inline or out-of-band, may also ...
Get Network Access Control For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.