Network Authentication Chapter 6 Part 2

The flashcards below were created by user jal128 on FreezingBlue Flashcards.

  1. Internal LAN consists of: (3)
    • endpoints
    • non-endpoint LAN devices
    • LAN infrastructure
  2. NAC helps maintain network stability by
    providing four important features:
    1.Authentication and authorization

    2.Posture assessment

    3.Quarantining of noncompliant systems

    4.Remediation of noncompliant systems
  3. NAC can be implemented in two ways:
    –NAC Framework

    • –Cisco
    • NAC Appliance
  4. Cisco NAC Components (4)
    • Cisco NAC Appliance Server (NAS)
    • Cisco NAC Appliance Manager (NAM)
    • Cisco NAC Appliance Agent (NAA)
    • Rule-set updates
  5. NAC Rule-set updates
    Provides schedules automatic updates
  6. Cisco NAC Appliance Server (NAS)
    Device that provides in-band or out-of-band access control.
  7. Cisco NAC Appliance Manager (NAM)
    A web-based interface for creating security policies and managing online users.
  8. Cisco NAC Appliance Agent (NAA)
    It can determine whether a device has the required anti-virus dat file, security patch, or critical Windows hotfix.
  9. Configure PVLAN
    (config-if)# switchport protected
  10. PVLAN
    Prevents data from being sent between protected ports at Layer 2 (it must be Layer 3)
  11. SAN transport technologies
    –Fiber Channel

    –Fiber Channel over IP (FCIP)

    • –Internet Small Computer Systems Interface
    • (iSCSI)

    –Gigabit Ethernet

    –Optical network
  12. Fiber Channel:
    • –The primary SAN transport for host-to-SAN
    • connectivity.

    • –Fiber Channel networks provide a serial
    • transport for the SCSI protocol.
  13. iSCSI:
    • –Maps SCSI over TCP/IP and is typically
    • used in the LAN.

    • –Leverages existing IP networks to
    • build and extend SANs by using TCP/IP to transport SCSI commands, data, and
    • status between hosts or initiators and storage devices or targets, such as
    • storage subsystems and tape devices.
  14. FCIP:
    • –Popular SAN-to-SAN connectivity model
    • that is used over the WAN or MAN.

    • –SAN designers can use the open-standard
    • FCIP protocol to break the distance barrier of current Fiber Channel solutions
    • and enable interconnection of SAN islands over extended distances.
  15. Fiber Channel Zoning
    Partitioning the Fiber Channel fabric into smaller subsets
  16. Zoning rules: (3)
    • –Zone
    • members see only other members of the zone.

    • –Zones
    • can be configured dynamically based on WWN.

    • –Devices
    • can be members of more than one zone.
  17. VSANs
    A virtual storage area network (VSAN) is a collection of ports from a set of connected Fiber Channel switches that form a virtual fabric.
Card Set:
Network Authentication Chapter 6 Part 2
2015-03-31 13:02:36
Network Authentication

Network Authentication Chapter 6 Part 2
Show Answers: