Network Authentication Chapter 6 Part 2
Internal LAN consists of: (3)
endpoints
non-endpoint LAN devices
LAN infrastructure
NAC helps maintain network stability by providing four important features:
1. Authentication and authorization
2. Posture assessment
3. Quarantining of noncompliant systems
4. Remediation of noncompliant systems
NAC can be implemented in two ways:
–NAC Framework
–Cisco NAC Appliance
Cisco NAC Components (4)
Cisco NAC Appliance Server (NAS)
Cisco NAC Appliance Manager (NAM)
Cisco NAC Appliance Agent (NAA)
Rule-set updates
NAC Rule-set updates
Provides scheduled automatic updates
Cisco NAC Appliance Server (NAS)
Device that provides in-band or out-of-band access control.
Cisco NAC Appliance Manager (NAM)
A web-based interface for creating security policies and managing online users.
Cisco NAC Appliance Agent (NAA)
It can determine whether a device has the required anti-virus dat file, security patch, or critical Windows hotfix.
Configure PVLAN
(config-if)# switchport protected
PVLAN
Prevents data from being sent between protected ports at Layer 2 (such traffic must go through Layer 3)
SAN transport technologies
–Fiber Channel
–Fiber Channel over IP (FCIP)
–Internet Small Computer Systems Interface (iSCSI)
–Gigabit Ethernet
–Optical network
Fiber Channel:
–The primary SAN transport for host-to-SAN connectivity.
–Fiber Channel networks provide a serial transport for the SCSI protocol.
iSCSI:
–Maps SCSI over TCP/IP and is typically used in the LAN.
–Leverages existing IP networks to build and extend SANs by using TCP/IP to transport SCSI commands, data, and status between hosts or initiators and storage devices or targets, such as storage subsystems and tape devices.
FCIP:
–Popular SAN-to-SAN connectivity model that is used over the WAN or MAN.
–SAN designers can use the open-standard FCIP protocol to break the distance barrier of current Fiber Channel solutions and enable interconnection of SAN islands over extended distances.
Fiber Channel Zoning
Partitioning the Fiber Channel fabric into smaller subsets
Zoning rules: (3)
–Zone members see only other members of the zone.
–Zones can be configured dynamically based on WWN.
–Devices can be members of more than one zone.
VSANs
A virtual storage area network (VSAN) is a collection of ports from a set of connected Fiber Channel switches that form a virtual fabric.
Author
jal128
ID
299593
Card Set
Network Authentication Chapter 6 Part 2
Description
Network Authentication Chapter 6 Part 2
Updated
2015-03-31T13:02:36Z