Table Of Contents

About This Guide

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request

About This Guide

---

Revised March 3, 2009, OL-16759-01

This preface includes the following sections:

•Audience

•Purpose

•Document Organization

•Document Conventions

•New Features in this Release

•Product Documentation

•Documentation Updates

•Obtaining Documentation and Submitting a Service Request

Audience

This guide is for network administrators who are implementing the Cisco NAC Appliance solution to manage and secure their networks. Cisco NAC Appliance comprises the Clean Access Manager (CAM) administration appliance, Clean Access Server (CAS) enforcement appliance, and Clean Access Agent and Cisco NAC Web Agent end-user client software. Use this document along with the Cisco NAC Appliance - Clean Access Server Installation and Configuration Guide, Release 4.1(6) to install and administer your Cisco NAC Appliance deployment.

Purpose

The Cisco NAC Appliance - Clean Access Manager Installation and Configuration Guide, Release 4.1(6) describes how to install and configure the Clean Access Manager NAC Appliance. You can use the Clean Access Manager (CAM) and its web-based administration console to manage multiple Clean Access Servers (CASs) in a deployment. End users connect through the Clean Access Server to the network via web login, the Clean Access Agent, or the Cisco NAC Web Agent. This guide describes how to use the CAM web administration console to configure most aspects of Cisco NAC Appliance. It also provides information specific to the Clean Access Manager, such how to implement High Availability. See Product Documentation for further details on the document set for Cisco NAC Appliance.

Document Organization

Table 1 Document Organization

Chapter	Description
Chapter 1, "Introduction"	Provides a high-level overview of the Cisco NAC Appliance solution
Chapter 2, "Installing the Clean Access Manager"	Describes how to install the Clean Access Manager
Chapter 3, "Device Management: Adding Clean Access Servers, Adding Filters"	Describes how to add and manage Clean Access Servers from the Clean Access Manager and configure device and/or subnet filters
Chapter 4, "Switch Management: Configuring Out-of-Band (OOB) Deployment"	Describes how to configure Cisco NAC Appliance for Out-of-Band (OOB) deployment
Chapter 5, "Configuring User Login Page and Guest Access"	Explains how to add the default login page needed for all users to authenticate, customize the login page for web login users, and configure Cisco NAC Appliance for guest user login
Chapter 6, "User Management: Configuring User Roles and Local Users"	Explains how to create user roles and new user profiles
Chapter 7, "User Management: Configuring Auth Servers"	Describes how to set up external authentication sources, configure Active Directory Single Sign-On (SSO), VLAN ID or attribute-based auth server mapping rules, and RADIUS accounting
Chapter 8, "User Management: Traffic Control, Bandwidth, Schedule"	Describes how to configure role-based traffic control policies, bandwidth management, session and heartbeat timers
Chapter 9, "Clean Access Implementation Overview"	An introduction to Clean Access configuration for Cisco NAC Appliance
Chapter 10, "Distributing the Agent"	Describes how to enable and configure distribution, installation, and auto-upgrade options on the Clean Access Manager and Clean Access Server for Clean Access Agent and Cisco NAC Web Agent distribution to client machines
Chapter 11, "Configuring Agent Requirements"	Describes how to configure requirements on the Clean Access Manager so that the Clean Access Agent and Cisco NAC Web Agent can perform vulnerability assessment and remediation on client machines
Chapter 12, "Cisco NAC Appliance Agents"	Presents overviews, login flow, and session termination dialogs for the Cisco NAC Appliance Agents (Windows Clean Access Agent, Mac OS X Clean Access Agent, and Cisco NAC Web Agent)
Chapter 13, "Configuring Network Scanning"	Describes how to set up network scanning for Cisco NAC Appliance
Chapter 14, "Monitoring Online Users and Event Logs"	Describes the Monitoring module of Cisco NAC Appliance, including online users, event logs, and SNMP information
Chapter 15, "Administering the CAM"	Discusses the Administration pages for the Clean Access Manager
Chapter 16, "Configuring High Availability (HA)"	Describes how to set up a pair of Clean Access Manager machines for high availability
Appendix A, "Error and Event Log Messages"	Explains some common Cisco NAC Appliance error messages and event log entries
Appendix B, "API Support"	Discusses API support for the Clean Access Manager
Appendix C, "Windows Client Registry Settings"	Describes how to configure and enable various Clean Access Agent features using Windows client machine registry settings
Appendix D, "Open Source License Acknowledgements"	Contains Open Source License information for Cisco products

Document Conventions

Table 2 Document Conventions

Item	Convention
Indicates command line output.	Screen font
Indicates information you enter.	Boldface screen font
Indicates variables for which you supply values.	Italic screen font
Indicates web admin console modules, menus, tabs, links and submenu links.	Boldface font
Indicates a menu item to be selected.	Administration  > User Pages

New Features in this Release

For a brief summary of the new features and enhancements available in this release refer to Documentation Updates and the "New and Changed Information" section of the Release Notes for Cisco NAC Appliance (Cisco Clean Access), Version 4.1(6).

Product Documentation

lists documents are available for Cisco NAC Appliance on Cisco.com at the following URL:

http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html

---

Tip To access external URLs referenced in this document, right-click the link in Adobe Acrobat and select "Open in Weblink in Browser."

---

Table 3 Cisco NAC Appliance Document Set

Refer to This Document For Information On:	Document Title
•Which server hardware supports which versions of CAM/CAS software (if using your own server hardware) •CAM/CAS/Agent system requirements •NIC card troubleshooting	Supported Hardware and System Requirements for Cisco NAC Appliance (Cisco Clean Access)
•Which switches and NMEs support OOB deployment •Known issues/troubleshooting for switches and WLCs	Switch Support for Cisco NAC Appliance
•Installing the Clean Access Server (CAS) software on the Cisco NAC network module (NME-NAC-K9)	Getting Started with NAC Network Modules in Cisco Access Routers
•Connecting Cisco NAC network module (NME-NAC-K9) in an Integrated Services Router	Connecting Cisco Network Admission Control Network Modules
Details on the latest 4.1(6) release, including: •New features and enhancements •Fixed caveats •Upgrade instructions •Supported AV/AS product charts •CAM/CAS/Agent compatibility and version information	Release Notes for Cisco NAC Appliance (Cisco Clean Access), Version 4.1(6)
Complete CAM details, including: •How to install the CAM software •Overviews of major concepts and features of Cisco NAC Appliance •How to use the CAM web console to perform global configuration of Cisco NAC Appliance (applying to all CASs in the deployment) •How to configure CAM pairs for High Availability	Cisco NAC Appliance - Clean Access Manager Installation and Configuration Guide, Release 4.1(6)
CAS-specific details, including: •How to install the CAS software •Where to deploy the CAS on the network (general information) •How to perform local (CAS-specific) configuration using the CAS management pages of the CAM web console, or the CAS direct access console. •How to configure CAS pairs for High Availability	Cisco NAC Appliance - Clean Access Server Installation and Configuration Guide, Release 4.1(6)

Documentation Updates

Table 4 Updates to Cisco NAC Appliance - Clean Access Manager Installation and Configuration Guide, Release 4.1(6)

Date	Description
11/3/08	Updated to address caveats CSCsq61154 , CSCsu68720 , CSCsq60545 , CSCsu55519 , CSCsr24898 , CSCsu31891 , CSCsr93326 , CSCsq92880 , and CSCsg74980
7/31/08	Release 4.1(6) Major updates to this document from the prior Cisco NAC Appliance release include: •Configure Clean Access Manager-to-Clean Access Server Authorization, page 3-5 (New) •View and Remove Trusted Certificate Authorities, page 15-18 (New) •Backing Up and Restoring CAM/CAS Authorization Settings, page 15-41 (New) •Appendix C, "Windows Client Registry Settings" (New)—Introduces new Windows client machine registry settings and consolidates existing registry settings. •Fixes to address the CSCsq60545, CSCsq67999, CSCsq44710, CSCsq70260, CSCsq70347, CSCsq80153, CSCsq83566, CSCsr21436, CSCsr37337, and CSCsr45786 caveats.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.