Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5)
About This Guide
Downloads: This chapterpdf (PDF - 117.0KB) The complete bookPDF (PDF - 9.17MB) | Feedback

About This Guide

Table Of Contents

About This Guide

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request


About This Guide


Revised August 21, 2011, OL-19355-01

This preface includes the following sections:

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request

Audience

This guide is for network administrators who are implementing the Cisco NAC Appliance solution to manage and secure their networks. Cisco NAC Appliance comprises the Clean Access Manager (CAM) administration appliance, Clean Access Server (CAS) enforcement appliance, and Agent end-user client software. Use this document along with the Cisco NAC Appliance Hardware Installation Guide, Release 4.7 and Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5) to install, configure, and administer your Cisco NAC Appliance deployment.

Purpose

The Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5) describes how to configure the Clean Access Server to implement the Cisco NAC Appliance solution on your network. The Clean Access Server is the enforcement server between the untrusted and trusted sides of a Cisco NAC Appliance network. This guide provides additional information specific to the Clean Access Server, such as how to configure DHCP, configure your deployment to work with AD SSO, and perform CAS-specific (local) configuration tasks.

See Product Documentation for further details on the document set for Cisco NAC Appliance.

Document Organization

Table 1 Document Organization

Chapter
Description

Chapter 1 "Introduction"

Provides a high-level overview of the Cisco NAC Appliance solution

Chapter 2 "Planning Your Deployment"

Discusses planning considerations for deploying the software

Chapter 3 "Configuring Layer 3 Out-of-Band (L3 OOB)"

Provides a general overview of the configuration needed for Layer 3 Out-of-Band deployment

Chapter 4 "Configuring the CAS Managed Network"

Describes how to set up the Clean Access Server's managed domain

Chapter 5 "Configuring DHCP"

Describes how to configure each of the DHCP modes of the Clean Access Server

Chapter 6 "Integrating with Cisco VPN Concentrators"

Describes the configuration required to integrate the Clean Access Server with Cisco VPN Concentrators

Chapter 7 "Local Traffic Control Policies"

Describes how to set up traffic filtering rules in the Clean Access Server

Chapter 8 "Configuring Active Directory Single Sign-On (AD SSO)"

Describes how to configure Active Directory (AD) Single Sign-On (SSO) for the Cisco NAC Appliance

Chapter 9 "Local Authentication Settings"

Describes Authentication tab settings in the Clean Access Server management pages

Chapter 10 "Local Certified and Floating Devices"

Describes local settings that can be configured at the Clean Access Server level for Clean Access implementation

Chapter 11 "Administering CAS Certificates, Time, and Support Logs"

Describes Clean Access Server (CAS) administration

"Open Source License Acknowledgements"

Contains Open Source License information for Cisco products


Document Conventions

Table 2 Document Conventions

Item
Convention

Indicates command line output.

Screen font

Indicates information you enter.

Boldface screen font

Indicates variables for which you supply values.

Italic screen font

Indicates web administrator console modules, menus, tabs, links and submenu links.

Boldface font

Indicates a menu item to be selected.

Administration > User Pages


New Features in this Release

For a brief summary of the new features and enhancements available in this release refer to Documentation Updates and the "New and Changed Information" section of the Release Notes for Cisco NAC Appliance.

Product Documentation

This section lists documents are available for Cisco NAC Appliance on Cisco.com at the following URL:

http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html


Tip To access external URLs referenced in this document, right-click the link in Adobe Acrobat and select "Open in Weblink in Browser."

Table 3 Cisco NAC Appliance Document Set

Document Title
Refer to This Document For Information On:

Cisco NAC Appliance Service Contract/Licensing Support

Obtaining and installing product licenses

Information on service contracts, ordering and RMA

Support Information for Cisco NAC Appliance Agents, Release 4.5 and Later

Agent System Requirements, Agent/Server Version Compatibility, Agent/OS/Browser Support Matrix, Agent/AD Server Compatibility for AD SSO, and Agent Localized Language Template Support

Switch Support for Cisco NAC Appliance

Which switches and NMEs support OOB deployment

Known issues/troubleshooting for switches and WLCs

Getting Started with Cisco NAC Network Modules in Cisco Access Routers

Installing or upgrading the Clean Access Server (CAS) software on the Cisco NAC network module (NME-NAC-K9)

Connecting Cisco Network Admission Control Network Modules

Connecting Cisco NAC network module (NME-NAC-K9) in an Integrated Services Router

Release Notes for Cisco NAC Appliance

Details on the latest 4.7 release, including:

New features and enhancements

Fixed caveats

Upgrade instructions

Supported AV/AS product charts

CAM/CAS/Agent compatibility and version information

Cisco NAC Appliance Hardware Installation Guide, Release 4.7

Details on CAM/CAS installation topics:

Hardware specifications on the various CAM/CAS platforms

How to install the Clean Access Manager and Clean Access Server Platforms

How to install Cisco NAC Appliance software on the CASM/CAS

How to configure CAM and CAS pairs for High Availability

Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5)

Complete CAM details, including:

Overviews of major concepts and features of Cisco NAC Appliance

How to use the CAM web console to perform global configuration of Cisco NAC Appliance (applying to all CASs in the deployment)

Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5)

CAS-specific details, including:

Where to deploy the CAS on the network (general information)

How to perform local (CAS-specific) configuration using the CAS management pages of the CAM web console, or the CAS direct access console.

Cisco NAC Appliance Migration Guide - Release 4.1(8) to Release 4.7(0)

Upgrading from an earlier Cisco NAC Appliance release on non-Cisco hardware to a next generation (NAC-3315/3355/3395) platform using the Cisco NAC Appliance Migration utility.


Documentation Updates

Table 4 Updates to Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5) 

Date
Description

8/22/11

Minor text updates

8/19/11

Release 4.7(5)

Updated System Upgrade

Added Note that "Cisco NAC Appliance 4.7(5) does not support Mac OS X 10.4" as appropriate

Updated Release 4.7(5) screenshots as appropriate

9/23/10

Updates for Release 4.7(3)

Updated System Upgrade

Added NTP Authentication to Synchronize System Time

Added Change the LogLevel Setting through CLI

Updated Release 4.7(3) screenshots as appropriate

6/14/10

Minor text updates

2/8/10

Updates for Release 4.7(2)

Updated System Upgrade

Caveats addressed in this release: CSCsz34909, CSCtb43890, CSCtd79411

Updated Release 4.7(2) screenshots as appropriate

11/24/09

Updates for Release 4.7(1)

Added Configure AD SSO in a Windows 7 Environment

Updated other required web console illustrations

10/21/09

Minor update to CAS Fallback Policy and Local Heartbeat Timer

9/29/09

Release 4.7(0)


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as an RSS feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.