Table Of Contents

About This Guide

Audience

Purpose

Document Organization

Document Conventions

New Features in this Release

Product Documentation

Documentation Updates

Obtaining Documentation and Submitting a Service Request

About This Guide

---

Revised October 20, 2011, OL-19354-01

This preface includes the following sections:

•Audience

•Purpose

•Document Organization

•Document Conventions

•New Features in this Release

•Product Documentation

•Documentation Updates

•Obtaining Documentation and Submitting a Service Request

Audience

This guide is for network administrators who are implementing the Cisco NAC Appliance solution to manage and secure their networks. Cisco NAC Appliance comprises the Clean Access Manager (CAM) administration appliance, Clean Access Server (CAS) enforcement appliance, and Agent end-user client software. Use this document along with the Cisco NAC Appliance Hardware Installation Guide, Release 4.7 and Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5) to install, configure, and administer your Cisco NAC Appliance deployment.

Purpose

The Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5) describes how to configure the Clean Access Manager NAC Appliance. You can use the Clean Access Manager (CAM) and its web-based administration console to manage multiple Clean Access Servers (CASs) in a deployment. End users connect through the Clean Access Server to the network via web login or Agent. This guide describes how to use the CAM web administration console to configure most aspects of Cisco NAC Appliance. It also provides information specific to the Clean Access Manager, such as how to manage network switches in an Out-of-Band deployment. See Product Documentation for further details on the document set for Cisco NAC Appliance.

Document Organization

Table 1 Document Organization

Chapter	Description
Chapter 1 "Introduction"	Provides a high-level overview of the Cisco NAC Appliance solution
Chapter 2 "Device Management: Adding Clean Access Servers, Adding Filters"	Describes how to add and manage Clean Access Servers from the Clean Access Manager and configure device and/or subnet filters
Chapter 3 "Switch Management: Configuring Out-of-Band Deployment"	Describes how to configure Cisco NAC Appliance for Out-of-Band (OOB) deployment
Chapter 4 "Wireless LAN Controller Management: Configuring Wireless Out-of-Band Deployment"	Describes how to configure Cisco NAC Appliance for Wireless Out-of-Band (Wireless OOB) deployment.
Chapter 5 "Configuring User Login Page and Guest Access"	Explains how to add the default login page needed for all users to authenticate, customize the login page for web login users, and configure Cisco NAC Appliance for guest user login
Chapter 6 "User Management: Configuring User Roles and Local Users"	Explains how to create user roles and new user profiles
Chapter 7 "User Management: Configuring Authentication Servers"	Describes how to set up external authentication sources, configure Active Directory Single Sign-On (SSO), VLAN ID or attribute-based auth server mapping rules, and RADIUS accounting
Chapter 8 "User Management: Traffic Control, Bandwidth, Schedule"	Describes how to configure role-based traffic control policies, bandwidth management, session and heartbeat timers
Chapter 9 "Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment"	Describes how to configure Agent distribution and installation for client machines, as well as configure client posture assessment in the Cisco NAC Appliance system
Chapter 10 "Cisco NAC Appliance Agents"	Presents overviews, login flow, and session termination dialogs for the Cisco NAC Appliance Agents (Cisco NAC Agent and Cisco NAC Web Agent)
Chapter 11 "Monitoring and Troubleshooting Agent Sessions"	Provides information on compiling and accessing various Cisco NAC Appliance Agent reports and log files and troubleshooting Agent connection and operation issues
Chapter 12 "Configuring Network Scanning"	Describes how to set up network scanning for Cisco NAC Appliance
Chapter 13 "Monitoring Event Logs"	Describes the Monitoring module of Cisco NAC Appliance, including online users, event logs, and SNMP information
Chapter 14 "Administering the CAM"	Discusses the Administration pages for the Clean Access Manager
"Error and Event Log Messages"	Explains some common Cisco NAC Appliance error messages and event log entries
"API Support"	Discusses API support for the Clean Access Manager
"Open Source License Acknowledgements"	Contains Open Source License information for Cisco products

Document Conventions

Table 2 Document Conventions

Item	Convention
Indicates command line output.	Screen font
Indicates information you enter.	Boldface screen font
Indicates variables for which you supply values.	Italic screen font
Indicates web admin console modules, menus, tabs, links and submenu links.	Boldface font
Indicates a menu item to be selected.	Administration  > User Pages

New Features in this Release

For a brief summary of the new features and enhancements available in this release refer to Documentation Updates and the "New and Changed Information" section of the Release Notes for Cisco NAC Appliance.

Product Documentation

lists documents are available for Cisco NAC Appliance on Cisco.com at the following URL:

http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html

---

Tip To access external URLs referenced in this document, right-click the link in Adobe Acrobat and select "Open in Weblink in Browser."

---

Table 3 Cisco NAC Appliance Document Set

Document Title	Refer to This Document For Information On:
Cisco NAC Appliance Service Contract/Licensing Support	•Obtaining and installing product licenses •Information on service contracts, ordering and RMA
Support Information for Cisco NAC Appliance Agents, Release 4.5 and Later	•Agent System Requirements, Agent/Server Version Compatibility, Agent/OS/Browser Support Matrix, Agent/AD Server Compatibility for AD SSO, and Agent Localized Language Template Support
Switch Support for Cisco NAC Appliance	•Which switches and NMEs support OOB deployment •Known issues/troubleshooting for switches and WLCs
Getting Started with Cisco NAC Network Modules in Cisco Access Routers	•Installing or upgrading the Clean Access Server (CAS) software on the Cisco NAC network module (NME-NAC-K9)
Connecting Cisco Network Admission Control Network Modules	•Connecting Cisco NAC network module (NME-NAC-K9) in an Integrated Services Router
Release Notes for Cisco NAC Appliance	Details on the latest 4.7 release, including: •New features and enhancements •Fixed caveats •Upgrade instructions •Supported AV/AS product charts •CAM/CAS/Agent compatibility and version information
Cisco NAC Appliance Hardware Installation Guide, Release 4.7	Details on CAM/CAS installation topics: •Hardware specifications on the various CAM/CAS platforms •How to install the Clean Access Manager and Clean Access Server Platforms •How to install Cisco NAC Appliance software on the CASM/CAS •How to configure CAM and CAS pairs for High Availability
Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5)	Complete CAM details, including: •How to install the CAM software •Overviews of major concepts and features of Cisco NAC Appliance •How to use the CAM web console to perform global configuration of Cisco NAC Appliance (applying to all CASs in the deployment) •How to configure CAM pairs for High Availability
Cisco NAC Appliance - Clean Access Server Configuration Guide, Release 4.7(5)	CAS-specific details, including: •How to install the CAS software •Where to deploy the CAS on the network (general information) •How to perform local (CAS-specific) configuration using the CAS management pages of the CAM web console, or the CAS direct access console •How to configure CAS pairs for High Availability
Cisco NAC Appliance Migration Guide - Release 4.1(8) to Release 4.7(0)	• Upgrading from an earlier Cisco NAC Appliance release on non-Cisco hardware to a next generation (NAC-3315/3355/3395) platform using the Cisco NAC Appliance Migration utility

Documentation Updates

Table 4 Updates to Cisco NAC Appliance - Clean Access Manager Configuration Guide, Release 4.7(5) 

Date	Description
10/20/11	Added Disabling Administrator Prompt for Certificate on IE 8 and 9
8/19/11	Updates for Release 4.7(5) •Updated System Upgrade •Added "Unmanage All" option to Manage Individual Ports (MAC Notification) •Added Note that "Cisco NAC Appliance 4.7(5) does not support Mac OS X 10.4" as appropriate •Resolved caveat CSCts02714 with minor updates to Uninstall Mac OS X Agent •Updated Release 4.7(5) screenshots as appropriate
9/23/10	Updates for Release 4.7(3) •Updated System Upgrade •Added NTP Authentication to Set System Time •Added HA Active-Active Situation Due to Expired SSL Certificates •Added Change the LogLevel Setting through CLI •Updated Release 4.7(3) screenshots as appropriate
6/14/10	Minor text updates.
3/5/10	Resolved caveat CSCte07657 with minor additions to Configuration Notes and Configure Switch Profiles
2/8/10	Updates for Release 4.7(2) •Updated System Upgrade •Caveats addressed in this release: CSCta23863, CSCta48234, CSCtd79411, CSCte70828 •Updated Release 4.7(2) screenshots as appropriate
11/24/09	Updates for Release 4.7(1): •Removed Stub installation options from Installation Page •Updated operating system options in Configuring Agent-Based Posture Assessment for Windows 7 and Mac OS X 10.6 •Added Mac OS X Agent functions back into Mac OS X Clean Access Agent •Updated other required web console illustrations
10/21/09	Updated Backing Up the CAM Database
9/29/09	Release 4.7(0)

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as an RSS feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently supports RSS Version 2.0.