Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5)
About This Guide
Downloads: This chapterpdf (PDF - 144.0KB) The complete bookPDF (PDF - 18.67MB) | Feedback

About This Guide

Table Of Contents

About This Guide

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request


About This Guide


Revised October 20, 2011, OL-19354-01

This preface includes the following sections:

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request

Audience

This guide is for network administrators who are implementing the Cisco NAC Appliance solution to manage and secure their networks. Cisco NAC Appliance comprises the Clean Access Manager (CAM) administration appliance, Clean Access Server (CAS) enforcement appliance, and Agent end-user client software. Use this document along with the Cisco NAC Appliance Hardware Installation Guide, Release 4.7 and Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5) to install, configure, and administer your Cisco NAC Appliance deployment.

Purpose

The Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5) describes how to configure the Clean Access Manager NAC Appliance. You can use the Clean Access Manager (CAM) and its web-based administration console to manage multiple Clean Access Servers (CASs) in a deployment. End users connect through the Clean Access Server to the network via web login or Agent. This guide describes how to use the CAM web administration console to configure most aspects of Cisco NAC Appliance. It also provides information specific to the Clean Access Manager, such as how to manage network switches in an Out-of-Band deployment. See Product Documentation for further details on the document set for Cisco NAC Appliance.

Document Organization

Table 1 Document Organization

Chapter
Description

Chapter 1 "Introduction"

Provides a high-level overview of the Cisco NAC Appliance solution

Chapter 2 "Device Management: Adding Clean Access Servers, Adding Filters"

Describes how to add and manage Clean Access Servers from the Clean Access Manager and configure device and/or subnet filters

Chapter 3 "Switch Management: Configuring Out-of-Band Deployment"

Describes how to configure Cisco NAC Appliance for Out-of-Band (OOB) deployment

Chapter 4 "Wireless LAN Controller Management: Configuring Wireless Out-of-Band Deployment"

Describes how to configure Cisco NAC Appliance for Wireless Out-of-Band (Wireless OOB) deployment.

Chapter 5 "Configuring User Login Page and Guest Access"

Explains how to add the default login page needed for all users to authenticate, customize the login page for web login users, and configure Cisco NAC Appliance for guest user login

Chapter 6 "User Management: Configuring User Roles and Local Users"

Explains how to create user roles and new user profiles

Chapter 7 "User Management: Configuring Authentication Servers"

Describes how to set up external authentication sources, configure Active Directory Single Sign-On (SSO), VLAN ID or attribute-based auth server mapping rules, and RADIUS accounting

Chapter 8 "User Management: Traffic Control, Bandwidth, Schedule"

Describes how to configure role-based traffic control policies, bandwidth management, session and heartbeat timers

Chapter 9 "Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment"

Describes how to configure Agent distribution and installation for client machines, as well as configure client posture assessment in the Cisco NAC Appliance system

Chapter 10 "Cisco NAC Appliance Agents"

Presents overviews, login flow, and session termination dialogs for the Cisco NAC Appliance Agents (Cisco NAC Agent and Cisco NAC Web Agent)

Chapter 11 "Monitoring and Troubleshooting Agent Sessions"

Provides information on compiling and accessing various Cisco NAC Appliance Agent reports and log files and troubleshooting Agent connection and operation issues

Chapter 12 "Configuring Network Scanning"

Describes how to set up network scanning for Cisco NAC Appliance

Chapter 13 "Monitoring Event Logs"

Describes the Monitoring module of Cisco NAC Appliance, including online users, event logs, and SNMP information

Chapter 14 "Administering the CAM"

Discusses the Administration pages for the Clean Access Manager

"Error and Event Log Messages"

Explains some common Cisco NAC Appliance error messages and event log entries

"API Support"

Discusses API support for the Clean Access Manager

"Open Source License Acknowledgements"

Contains Open Source License information for Cisco products


Document Conventions

Table 2 Document Conventions

Item
Convention

Indicates command line output.

Screen font

Indicates information you enter.

Boldface screen font

Indicates variables for which you supply values.

Italic screen font

Indicates web admin console modules, menus, tabs, links and submenu links.

Boldface font

Indicates a menu item to be selected.

Administration  > User Pages


New Features in this Release

For a brief summary of the new features and enhancements available in this release refer to Documentation Updates and the "New and Changed Information" section of the Release Notes for Cisco NAC Appliance.

Product Documentation

lists documents are available for Cisco NAC Appliance on Cisco.com at the following URL:

http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html


Tip To access external URLs referenced in this document, right-click the link in Adobe Acrobat and select "Open in Weblink in Browser."


Table 3 Cisco NAC Appliance Document Set

Document Title
Refer to This Document For Information On:

Cisco NAC Appliance Service Contract/Licensing Support

Obtaining and installing product licenses

Information on service contracts, ordering and RMA

Support Information for Cisco NAC Appliance Agents, Release 4.5 and Later

Agent System Requirements, Agent/Server Version Compatibility, Agent/OS/Browser Support Matrix, Agent/AD Server Compatibility for AD SSO, and Agent Localized Language Template Support

Switch Support for Cisco NAC Appliance

Which switches and NMEs support OOB deployment

Known issues/troubleshooting for switches and WLCs

Getting Started with Cisco NAC Network Modules in Cisco Access Routers

Installing or upgrading the Clean Access Server (CAS) software on the Cisco NAC network module (NME-NAC-K9)

Connecting Cisco Network Admission Control Network Modules

Connecting Cisco NAC network module (NME-NAC-K9) in an Integrated Services Router

Release Notes for Cisco NAC Appliance

Details on the latest 4.7 release, including:

New features and enhancements

Fixed caveats

Upgrade instructions

Supported AV/AS product charts

CAM/CAS/Agent compatibility and version information

Cisco NAC Appliance Hardware Installation Guide, Release 4.7

Details on CAM/CAS installation topics:

Hardware specifications on the various CAM/CAS platforms

How to install the Clean Access Manager and Clean Access Server Platforms

How to install Cisco NAC Appliance software on the CASM/CAS

How to configure CAM and CAS pairs for High Availability

Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5)

Complete CAM details, including:

How to install the CAM software

Overviews of major concepts and features of Cisco NAC Appliance

How to use the CAM web console to perform global configuration of Cisco NAC Appliance (applying to all CASs in the deployment)

How to configure CAM pairs for High Availability

Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5)

CAS-specific details, including:

How to install the CAS software

Where to deploy the CAS on the network (general information)

How to perform local (CAS-specific) configuration using the CAS management pages of the CAM web console, or the CAS direct access console

How to configure CAS pairs for High Availability

Cisco NAC Appliance Migration Guide - Release 4.1(8) to Release 4.7(0)

Upgrading from an earlier Cisco NAC Appliance release on non-Cisco hardware to a next generation (NAC-3315/3355/3395) platform using the Cisco NAC Appliance Migration utility


Documentation Updates

Table 4 Updates to Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5) 

Date
Description

10/20/11

Added Disabling Administrator Prompt for Certificate on IE 8 and 9

8/19/11

Updates for Release 4.7(5)

Updated System Upgrade

Added "Unmanage All" option to Manage Individual Ports (MAC Notification)

Added Note that "Cisco NAC Appliance 4.7(5) does not support Mac OS X 10.4" as appropriate

Resolved caveat CSCts02714 with minor updates to Uninstall Mac OS X Agent

Updated Release 4.7(5) screenshots as appropriate

9/23/10

Updates for Release 4.7(3)

Updated System Upgrade

Added NTP Authentication to Set System Time

Added HA Active-Active Situation Due to Expired SSL Certificates

Added Change the LogLevel Setting through CLI

Updated Release 4.7(3) screenshots as appropriate

6/14/10

Minor text updates.

3/5/10

Resolved caveat CSCte07657 with minor additions to Configuration Notes and Configure Switch Profiles

2/8/10

Updates for Release 4.7(2)

Updated System Upgrade

Caveats addressed in this release: CSCta23863, CSCta48234, CSCtd79411, CSCte70828

Updated Release 4.7(2) screenshots as appropriate

11/24/09

Updates for Release 4.7(1):

Removed Stub installation options from Installation Page

Updated operating system options in Configuring Agent-Based Posture Assessment for Windows 7 and Mac OS X 10.6

Added Mac OS X Agent functions back into Mac OS X Clean Access Agent

Updated other required web console illustrations

10/21/09

Updated Backing Up the CAM Database

9/29/09

Release 4.7(0)


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as an RSS feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.