Cisco's Secure Access Control products are integral to the Cisco TrustSec solution, a core component of the Secure Borderless Networks architecture. TrustSec includes the following Access Control products:
These products enforce network security policies, help secure user and host access control, and control network access based on dynamic conditions and attributes.
The CiscoTrustSec solution offers deployment options to address various customer needs and use cases.
Deployment Option 1: ACS: 802.1X-Based Infrastructure Solution
Cisco Secure ACS is the policy server to authenticate users who connect to the wired network (see Figure 1). A network access device (switch) provides access to both the network and its resources based on user credentials and their roles in the organization.
Deployment Option 2: NAC: Appliance-Based Overlay Solution
For those requiring network authentication, role-based access control, and posture assessment, the Cisco NAC Appliance can be deployed as an overlay solution to an existing infrastructure.
In this appliance-based approach (see Figure 2), Cisco NAC Manager is the policy server that works with Cisco NAC Server to authenticate users and access their devices over LAN, wireless, or VPN connections. Access to the network and its resources is based on user credentials and their roles in the organization, as well as the policy compliance of endpoint devices.
In both scenarios, the addition of NAC Guest Server and NAC Profiler depends upon the specific functionality you may require.
802.1X-Based Guest Network for Wired LAN
Learn how to overcome common operational challenges associated with 802.1X.
Bring 802.1X Security to Wired Networks
Reduce security risks while lowering IT capital and operational costs.