Which NAC design model matches the following definitions?

Which NAC design model matches the following definitions?
NAS is deployed centrally in the core or distribution layer. Users are multiple hops away from the Cisco NAS.
After authentication and posture assessment, the client traffic no longer passes through the Cisco NAS.
PBR is needed to direct the user traffic appropriately

Which NAC design model matches the following definitions?
NAS is deployed centrally in the core or distribution layer. Users are multiple hops away from the Cisco NAS.
After authentication and posture assessment, the client traffic no longer passes through the Cisco NAS.
PBR is needed to direct the user traffic appropriately

A.
Layer 3 in-band virtual gateway

B.
Layer 3 out-of-band with addressing

C.
Layer 2 in-band virtual gateway

D.
Layer 2 out-of-band virtual gateway

Explanation:
https://www.cisco.com/c/en/us/products/collateral/security/nac-appliance-clean-access/product_data_sheet0900aecd802da1b5.html
Passing traffic mode
• Virtual gateway (bridged mode)
• Real IP gateway (routed mode)

Client access mode
• Layer 2 (client is adjacent to the Cisco NAC Server)
• Layer 3 (client is multiple hops from the Cisco NAC Server)
Traffic flow model
• In-band (Cisco NAC Server is always in-line with user traffic)
• Out-of-band (Cisco NAC Server is in-line only during authentication, posture assessment, and remediation)



Leave a Reply 0

Your email address will not be published. Required fields are marked *