
Cisco Integration

Next Generation NACwall Appliances Integration with Cisco Catalyst Managed Switches
In addition to NetClarity's patented, agent-less EasyNAC blocking technology, NACwall appliances are now able to communicate with all Cisco Catalyst series managed switches to detect and block rogue assets, either by turning off physical switch ports or by dynamically changing VLAN port association, without the security risks associated with the 802.1x protocol.

The NACwall helps you find and block weak, rogue and infected assets that have some of the worst, zero-day malware by denying them network services or resources, and it can automatically place them in specially designated QUARANTINE VLANs on all Cisco Catalyst series managed switches. You can set up GUEST networking environments in a matter of minutes, using Cisco's VLAN trunking protocol (802.1q). It is the safest and most efficient way to deliver AGENTLESS network access control.

Connection Types Available

Telnet (Connect to CLI using Telnet)
SSH (Connect to CLI using SSH) (Recommended)

Block Types Available

Port Shutoff (Unknown/Untrusted Asset's switch port will be disabled on the Catalyst)
Quarantine (Unknown/Untrusted Asset's port will be assigned to Quarantine VLAN)

Key Usage Scenarios

Block Zero-day Malware Propagation
Detect and Block Malicious Insider Access
Control Employee Bring Your Own Devices (BYODs)
Enforce Business Logic using VLANs
Create a Guest Networking Environment using VLANs

Powerful Managed Switch Integration Without 802.1x Risks

Enabling Restrict Trusted Assets to Target VLAN will cause the appliance to always attempt to restrict a trusted asset to its assigned VLAN when it is detected on an unauthorized VLAN. This could occur upon detecting that the asset has moved from its default VLAN into an unauthorized VLAN, or following a manual update (see Cisco Manual VLAN Assignment for more information).

The Quarantine VLAN is the VLAN in which untrusted assets will be placed upon detection.

Username Prompt, Password Prompt and Shell Prompt should match the switch prompts displayed when manually logging in. Enter all, or part, of the switch prompt for each category.

Uplink Port(s) are ports which should never be quarantined. A port which connects switches together is an example of an uplink port.

Note: In order to take advantage of NetClarity NACwall Cisco Integration, each Catalyst switch must be configured to allow logging in with a username and password combination. NACwall Cisco integration does not currently support the enable command.

If Restrict Trusted Assets to Default VLAN is selected during Cisco Catalyst setup, the appliance will communicate with the switch and attempt to move the asset's port into the selected VLAN.
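The enforcement decision these settings describe can be sketched as follows. This is an added example, not NetClarity code: the class and function names, port names and VLAN IDs are assumptions, and the output uses standard Cisco IOS interface commands.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class SwitchPolicy:
    block_type: str                 # "shutoff" or "quarantine" (the two block types)
    quarantine_vlan: int
    uplink_ports: Set[str] = field(default_factory=set)
    restrict_trusted: bool = False  # "Restrict Trusted Assets to Target VLAN"


@dataclass
class Asset:
    port: str                       # switch port the asset was seen on
    trusted: bool
    current_vlan: int
    target_vlan: Optional[int] = None  # assigned VLAN for a trusted asset


def plan_commands(policy: SwitchPolicy, asset: Asset) -> List[str]:
    """Return the IOS lines to send for this asset, or [] if nothing changes."""
    if asset.port in policy.uplink_ports:
        return []                   # uplink ports are never quarantined or shut
    if not asset.trusted:
        if policy.block_type == "shutoff":
            action = "shutdown"
        elif policy.block_type == "quarantine":
            if asset.current_vlan == policy.quarantine_vlan:
                return []           # already contained
            action = f"switchport access vlan {policy.quarantine_vlan}"
        else:
            raise ValueError(f"unknown block type: {policy.block_type!r}")
    elif (policy.restrict_trusted and asset.target_vlan is not None
          and asset.current_vlan != asset.target_vlan):
        action = f"switchport access vlan {asset.target_vlan}"
    else:
        return []
    # Assumption: the login account can enter config mode without "enable".
    return ["configure terminal", f"interface {asset.port}", action, "end"]


# Constructed sample values (port names and VLAN IDs are not from the datasheet).
POLICY = SwitchPolicy("quarantine", quarantine_vlan=999,
                      uplink_ports={"GigabitEthernet0/24"}, restrict_trusted=True)
ROGUE = Asset("GigabitEthernet0/5", trusted=False, current_vlan=10)
MOVED = Asset("GigabitEthernet0/7", trusted=True, current_vlan=30, target_vlan=20)

if __name__ == "__main__":
    for a in (ROGUE, MOVED):
        print(a.port, "->", plan_commands(POLICY, a))
```

Checking the uplink list before anything else is what keeps a misclassified device on a trunk from taking down the link between switches.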

In the event Restrict Trusted Assets to Default VLAN is selected during setup of the managed switch, the appliance will communicate with the switch and attempt to move the asset's port into the default VLAN any time a VLAN change for the asset is detected in an unauthorized VLAN.

For More Information

To learn more about NetClarity NACwall Appliances, please visit your local, trusted, certified NACwall reseller or distribution partner, contact us at sales@netclarity.net, or visit us online at www.netclarity.net

Copyright 2012, NetClarity, Inc. All rights reserved worldwide. NACwall, Inside-Out Network Security and BYOD are NetClarity trademarks. Cisco and Catalyst are registered trademarks of Cisco Systems, Inc. CVE is a registered trademark of The Mitre Corporation.
