Advanced Threat Prevention Capabilities

Network Admission Control (NAC) is a component of the Cisco Self-Defending Network strategy that improves the network's ability to automatically identify, prevent, and respond to security threats.

NAC technology allows Cisco Catalyst switches to collaborate with third-party security software products for policy compliance and enforcement, before a host is given network access.

Deploying NAC can help your business to:

• Dramatically improve security: NAC makes sure that endpoints (such as laptops, PCs, PDAs, and servers) comply with security policies, to proactively protect against worms, viruses, spyware, and malware.
• Improve operational efficiency: NAC helps shift your operational focus from reaction to prevention. It also reduces operating expenses (OpEx) related to identifying and repairing noncompliant, rogue, and infected systems.
• Extend its existing investments: NAC provides broad integration with multivendor security and management software, and enhances existing investments in network infrastructure and vendor software.
• Increase resilience: NAC provides comprehensive admission control across the LAN, to prevent noncompliant and rogue endpoints from affecting network availability

NAC performs posture validation at the Layer 2 network edge for hosts with or without 802.1x-enabled systems. Vulnerable and noncompliant hosts can be isolated, given reduced network access, or directed to remediation servers, based on organizational policy.

By making sure that every host complies with security policy, organizations can significantly reduce any infection damage.

NAC Framework capabilities on Cisco Catalyst switches are available through standard software upgrades with Cisco SMARTnet contracts.