Cisco Wrote the Book on NAC

By Cameron Sturdevant  |  Posted 2007-03-05 Print this article Print

Review: Two books, actually, although Volume II of Cisco's series more effectively outlines and puts into a real-world context the company's Network Admission Control framework.

"Cisco Network Admission Control, Volume I: NAC Architecture and Design" Denise Helfrich, Lou Ronnau, Jason Frazier, Paul Forbes, 2006, Cisco Press, 264 pages, $55 "Cisco Network Admission Control, Volume II: NAC Framework Deployment and Troubleshooting" Jazib Frahim, Omar Santos, David White Jr., 2006, Cisco Press, 624 pages, $60 The two volumes of "Cisco Network Admission Control" address the challenge of network security when the network must admit endpoint devices that are outside the constant control of central IT.
"Cisco Network Admission Control Volume II: NAC Framework Deployment and Troubleshooting" is full of real-world grit. This grit does Cisco Systems NAC framework a favor, however, by grounding the technology in the realm of the possible instead of letting it wander in the impossibly bright land of marketing hype.
Avoid "Cisco Network Admission Control Volume I: NAC Architecture and Design." It is poorly written and confusing. Everything important that Cisco wanted to say about NAC is more neatly and comprehensibly detailed in Volume II. Indeed, Volume II is an excellent introduction to the methodology and process of implementing a Cisco NAC solution. Volume II also spends considerable time and attention on the configuration of NAC in Cisco Catalyst switches, the VPN 3000 Series Concentrators, and the ASA 5500 Series and PIX 500 Series firewall appliances. The chapters are filled with command-line examples of how to configure NAC parameters, including global settings and NAC exception lists. The book includes plenty of screen shots to illustrate where to enter configuration information, and the text consistently provides friendly advice in an almost conversational style. Cisco defends its NAC territory. Click here to read more. Its clear from the types of examples provided in the books that the authors have spent years working with Ciscos technical support group. The pithy troubleshooting examples demonstrate familiarity with real-world implementation problems, along with practical suggestions for solving these problems. For example, in the section in Volume II on troubleshooting the Cisco Secure Services Client, the authors describe a problem where a wireless client is immediately dissociated after 802.1x authentication. The section frankly addresses the CPU-intensive operations that are taking place that might be interfering with authentication timing. Volume II does a great job of clearly explaining NAC terminology, as well as the required elements for implementing Ciscos NAC solution. It also provides good troubleshooting examples. Both volumes provide multiple-choice and true-or-false questions at the end of each chapter—a good way to promote active learning while users plow through more than 600 pages of text. Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel