Cisco NAC3350-PROF-K9 - NAC Profiler Server, NAC-3315, NAC-3355, NAC-3395, NAC-3310 Installation Manual
...
Cisco NAC Appliance Hardware
Installation Guide
Release 4.8
Jan 2012
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-20326-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL:
www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Nessus is the trademark of Tenable Network Security.
Cisco NAC Appliance - Clean Access Manager includes software developed by the Apache Software Foundation (http://www.apache.org/) Copyright © 1999-2000 The
Apache Software Foundation. All rights reserved. The APACHE SOFTWARE IS PROVIDED ''AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS OR CISCO OR ITS CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THE APACHE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Cisco NAC Appliance Hardware Installation Guide
© 2012 Cisco Systems, Inc. All rights reserved.
IMPLIED, INCLUDING, WITHOUT
CONTENTS
About This Guide 7
Audience 7
Purpose 7
Document Organization 8
Document Conventions 8
New Features in this Release 8
Product Documentation 9
Documentation Updates 11
Obtaining Documentation and Submitting a Service Request 12
CHAPTER
1 Cisco NAC Appliance Hardware Platforms 1-1
About Cisco NAC Appliance 1-1
FIPS 140-2 Compliant and Non-FIPS Hardware Platforms 1-1
NAC-3315, NAC-3355, and NAC-3395 1-3
NAC-3315 Serial Number Location 1-5
Cisco NAC-3315 Front and Rear Panels 1-5
Front Panel Features 1-5
Rear Panel Features 1-6
NAC-3355 Serial Number Location 1-8
Cisco NAC-3355 Front and Rear Panels 1-8
Front Panel Features 1-8
Rear Panel Features 1-10
NAC-3395 Serial Number Location 1-12
Cisco NAC-3395 Front and Rear Panels 1-12
Front Panel Features 1-12
Rear Panel Features 1-14
NAC-3310, NAC-3350, and NAC-3390 1-16
Cisco NAC-3310 Front and Rear Panels 1-18
Front Panel Features 1-18
Rear Panel Features 1-20
Cisco NAC-3350 Front and Rear Panels 1-21
Front Panel Features 1-21
Rear Panel Features 1-23
Cisco NAC-3390 Front and Rear Panels 1-24
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1
Contents
Front Panel Features 1-25
Rear Panel Features 1-26
Cisco Product Identification Tool 1-27
CHAPTER
2 Preparing for Installation 2-1
Safety Guidelines 2-2
General Precautions 2-2
Safety with Equipment 2-3
Safety with Electricity 2-3
Preventing Electrostatic Discharge Damage 2-5
Lifting Guidelines 2-5
Preparing Your Site for Installation 2-6
Site Planning 2-6
Rack Installation Safety Guidelines 2-7
Site Environment 2-8
Airflow Guidelines 2-9
Temperature and Humidity Guidelines 2-9
Power Considerations 2-9
Method of Procedure 2-10
Shipping Package Contents 2-10
Failover Bundles 2-11
Required Equipment 2-11
Configuration Worksheets 2-11
Clean Access Manager (CAM) Configuration Worksheet 2-12
Clean Access Server (CAS) Configuration Worksheet 2-12
CAS Mode IP Addressing Considerations 2-13
Rack-Mounting Your Cisco NAC Appliance CAM/CAS 2-14
Mounting the NAC-3315 Appliance in a 4-Post Rack 2-15
NAC-3315 4-Post Rack-Mount Hardware Kit 2-15
Installing the NAC-3315 Slide Rails into a Rack 2-16
Installing the NAC-3315 Appliance into the Slide Rails 2-19
Mounting the NAC-3355/3395 Appliance in a Four-Post Rack 2-21
NAC-3355/3395 4-Post Rack-Mount Hardware Kit 2-22
Installing the NAC-3355/3395 Slide Rails Into the 4-Post Rack 2-22
Installing the NAC-3355/3395 Appliance Into the Slide Rails 2-25
Cisco NAC Appliance Licensing 2-26
Upgrading Cisco NAC Appliance Software 2-27
Downloading Cisco NAC Appliance Software 2-28
Upgrading Firmware 2-28
Cisco NAC Appliance Hardware Installation Guide
2
OL-20326-01
Contents
CHAPTER
3 Installing the Clean Access Manager and Clean Access Server 3-1
Overview 3-1
Important Release Information 3-2
Installing the Clean Access Manager 3-2
Overview 3-2
Summary of Steps For New Installation 3-3
Connect the Clean Access Manager 3-4
Install the Clean Access Manager (CAM) Software from CD-ROM 3-5
Perform the Initial CAM Configuration 3-6
Configuration Utility Script 3-6
Access the CAM Web Console 3-11
Install CAM License 3-13
Add Additional Licenses 3-15
Important Notes for SSL Certificates 3-17
Installing the Clean Access Server 3-18
Overview 3-18
Switch/Router Configuration 3-18
Virtual Gateway Mode Connection Requirements 3-19
Switch Support for CAS Virtual Gateway/VLAN Mapping (IB and OOB) 3-20
Determining VLANs For Virtual Gateway 3-20
Summary of Steps For New Installation 3-21
Connect the Clean Access Server 3-22
Install the Clean Access Server (CAS) Software from CD-ROM 3-22
Perform the Initial CAS Configuration 3-24
Configuration Utility Script 3-24
Important Notes for SSL Certificates 3-33
Cisco NAC Appliance Connectivity Across a Firewall 3-34
Configuring the CAS Behind a NAT Firewall 3-36
Connectivity Across a Wide Area Network 3-37
Configuring Additional NIC Cards 3-37
Serial Connection to the CAM and CAS 3-39
Configuring Boot Settings on the Cisco NAC Appliance CAM/CAS 3-40
Useful CLI Commands for the CAM/CAS 3-42
CAM CLI Commands 3-42
CAS CLI Commands 3-43
CAS CLI Commands for Cisco NAC Appliance 3-43
CAS CLI Commands for Cisco NAC Profiler 3-44
Manually Restarting the CAM/CAS Configuration Utility 3-46
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
3
Contents
Troubleshooting the Installation 3-47
Verify/Change Current Master Secret on CAM/CAS 3-48
Recover From Corrupted Master Secret 3-48
Network Interface Card (NIC) Driver Not Supported 3-49
Resetting and Restoring an Unreachable Clean Access Server 3-49
Enabling TLSv1 on Internet Explorer Version 6 3-49
Powering Down the NAC Appliance 3-50
CHAPTER
4 Configuring High Availability (HA) 4-1
Adding High Availability Cisco NAC Appliance To Your Network 4-1
Installing a Clean Access Manager High Availability Pair 4-3
CAM High Availability Overview 4-4
Before Starting 4-7
Connect the Clean Access Manager Machines 4-8
Serial Connection 4-9
Configure the HA-Primary CAM 4-9
Configure the HA-Secondary CAM 4-12
Complete the Configuration 4-16
Upgrading an Existing Failover Pair 4-16
Failing Over an HA-CAM Pair 4-16
Accessing High Availability Pair CAM Web Consoles 4-17
Determining Active and Standby CAM 4-17
Determining Primary and Secondary CAM 4-17
Installing a Clean Access Server High Availability Pair 4-17
CAS High Availability Overview 4-18
CAS High Availability Requirements 4-22
Before Starting 4-24
Selecting and Configuring the Heartbeat UDP Interface 4-25
Serial Port High-Availability Connection 4-26
Configure High Availability 4-26
Configure the HA-Primary Clean Access Server 4-27
Configure the HA-Secondary Clean Access Server 4-34
Connect the Clean Access Servers and Complete the Configuration 4-38
Failing Over an HA-CAS Pair 4-39
Modifying CAS High Availability Settings 4-40
To Change IP Settings for an HA-CAS 4-40
Upgrading an Existing Failover Pair 4-41
Configuring High Availability for Virtual Gateway Mode 4-42
Useful CLI Commands for HA 4-43
Cisco NAC Appliance Hardware Installation Guide
4
OL-20326-01
Clean Access Manager 4-43
Clean Access Server 4-44
HA CAS Configuration Status 4-44
Heartbeat/Link-Based Connections 4-44
Link-Detect Interfaces 4-45
Active/Standby Status 4-45
Accessing High Availability Pair CAS Web Consoles 4-46
Determining Active and Standby CAS 4-46
Determining Primary and Secondary CAS 4-46
Contents
CHAPTER
APPENDIX
I
NDEX
5 Password Recovery 5-1
Recovering Root Password for CAM/CAS 5-1
Recovering Root Password for CAM/CAS (Release 3.5.x or Below) 5-1
A Open Source License Acknowledgements A-1
Notices A-1
OpenSSL/Open SSL Project A-1
License Issues A-1
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
5
Contents
Cisco NAC Appliance Hardware Installation Guide
6
OL-20326-01
About This Guide
Revised January 18, 2012, OL-20326-01
This preface includes the following sections:
• Audience
• Purpose
• Document Organization
• Document Conventions
• New Features in this Release
• Product Documentation
Audience
Purpose
• Documentation Updates
• Obtaining Documentation and Submitting a Service Request
This guide is for network administrators who are installing the Cisco NAC Appliance hardware and
performing initial configuration to introduce the Clean Access Manager (CAM) and Clean Access Server
(CAS) into the network. Use this document along with the
Manager Configuration Guide, Release 4.8(3) and Cisco NAC Appliance - Clean Access Server
Configuration Guide, Release 4.8(3) to install, configure, and administer your Cisco NAC Appliance
deployment.
The Cisco NAC Appliance Hardware Installation Guide, Release 4.8 describes how to install and
initially configure the Clean Access Manager and Clean Access Server on all Cisco NAC Appliance
platforms. Once you have installed and initially configured the CAM and CAS, you can use the Clean
Access Manager (CAM) and its web-based administration console to manage multiple Clean Access
Servers (CASs) in a deployment. End users connect through the Clean Access Server to the network via
web login or Cisco NAC Agent. This guide also describes how to implement High Availability for the
CAMs and CASs in your network.
See the Product Documentation section for further details on the document set for Cisco NAC
Appliance.
Cisco NAC Appliance - Clean Access
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
7
Document Organization
This guide combines hardware and installation information for both the Clean Access Manager and
Clean Access Server. Starting from Release 4.7(0), the Cisco NAC Appliance Hardware Installation
Guide replaces the installation chapters that were formerly located in the Cisco NAC Appliance - Clean
Access Manager Installation and Configuration Guide and Cisco NAC Appliance - Clean Access Server
Installation and Configuration Guide.
Table 1 Document Organization
Chapter Description
Chapter 1, “Cisco NAC Appliance Hardware
Platforms”
Chapter 2, “Preparing for Installation” Outlines the steps necessary to ensure your
Chapter 3, “Installing the Clean Access Manager
and Clean Access Server”
Chapter 4, “Configuring High Availability (HA)” Describes how to set up a pair of Clean Access
Chapter 5, “Password Recovery” Defines the steps necessary to recover a lost Cisco
Appendix A, “Open Source License
Acknowledgements”
About This Guide
Provides information about the hardware
platforms available in Cisco NAC Appliance
environment is ready to install Cisco NAC
Appliance hardware
Describes how to install and initially configure the
Clean Access Manager and Clean Access Server
Manager or Clean Access Server machines for
high availability
NAC Appliance root password
Contains Open Source License information for
Cisco products
Document Conventions
Table 2 Document Conventions
Item Convention
Indicates command line output. Screen font
Indicates information you enter. Boldface screen font
Indicates variables for which you supply values. Italic screen font
Indicates web admin console modules, menus, tabs, links and
submenu links.
Indicates a menu item to be selected. Administration > User Pages
New Features in this Release
For a brief summary of the new features and enhancements available in this release refer to
Documentation Updates and the “New and Changed Information” section of the Release Notes for Cisco
NAC Appliance corresponding to your latest Cisco NAC Appliance release version.
Boldface font
Cisco NAC Appliance Hardware Installation Guide
8
OL-20326-01
About This Guide
Product Documentation
Table 3 lists the technical documentation available for Cisco NAC Appliance on Cisco.com at
http://www.cisco.com/en/US/products/ps6128/tsd_products_support_series_home.html.
When using the online publications, refer to the documents that match the software version running on
your Cisco
See also the following product literature for additional details:
• Cisco NAC Appliance Data Sheet
• Cisco NAC Appliance Ordering Guide
Tip To access external URLs referenced in the PDF of this document, right-click the link in Adobe Acrobat
and select “Open in Weblink in Browser.”
Table 3 Cisco NAC Appliance Document Set
Document Title Refer to This Document For Information On:
Cisco NAC Appliance Service
Contract/Licensing Support
Supported Hardware and System Requirements
for Cisco NAC Appliance
Regulatory Compliance and Safety Information
for Cisco 1121 Secure Access Control System,
Cisco NAC Appliance, Cisco NAC Guest Server,
and Cisco NAC Profiler
Support Information for Cisco NAC Appliance
Agents, Release 4.5 and Later
Switch Support for Cisco NAC Appliance • Which switches and NMEs support OOB
NAC Appliance (e.g. “Release 4.8”).
• Obtaining and installing product licenses
• Information on service contracts, ordering and
RMA
• Supported Hardware Platforms,
Troubleshooting Network Card Driver Support
Issues, and System Requirements
• Regulatory Compliance and Safety Information
• Agent System Requirements, Agent/Server
Version Compatibility, Agent/OS/Browser
Support Matrix, Agent/AD Server
Compatibility for AD SSO, and Agent
Localized Language Template Support
deployment
Connecting Cisco Network Admission Control
Network Modules
Cisco NAC Appliance FIPS Card
Field-Replaceable Unit Installation Guide
OL-20326-01
• Known issues/troubleshooting for switches and
WLCs
• Connecting Cisco NAC network module
(NME-NAC-K9) in an Integrated Services
Router
• Provides instructions to upgrade your existing
Cisco NAC-3310, NAC-3350, and NAC-3390
with a field-replaceable FIPS card necessary to
introduce FIPS compliance in your network
Cisco NAC Appliance Hardware Installation Guide
9
About This Guide
Table 3 Cisco NAC Appliance Document Set
Document Title Refer to This Document For Information On:
Release Notes for Cisco NAC Appliance Details on the latest 4.8(x) release, including:
• New features and enhancements
• Fixed caveats
• Upgrade instructions
• Supported AV/AS product charts
• CAM/CAS/Agent compatibility and version
information
Cisco NAC Appliance Hardware Installation
Guide, Release 4.8
Cisco NAC Appliance - Clean Access Manager
Configuration Guide, Release 4.8(3)
Details on CAM/CAS installation topics:
• Hardware specifications on the various
CAM/CAS platforms
• How to install the Clean Access Manager and
Clean Access Server Platforms
• How to install Cisco NAC Appliance software
on the CASM/CAS
• How to configure CAM and CAS pairs for High
Availability
Complete CAM details, including:
• How to install the CAM software
• Overviews of major concepts and features of
Cisco NAC Appliance
• How to use the CAM web console to perform
global configuration of Cisco NAC Appliance
(applying to all CASs in the deployment)
10
Cisco NAC Appliance - Clean Access Server
Configuration Guide, Release 4.8(3)
Cisco NAC Appliance Hardware Installation Guide
• How to configure CAM pairs for High
Availability
CAS-specific details, including:
• How to install the CAS software
• Where to deploy the CAS on the network
(general information)
• How to perform local (CAS-specific)
configuration using the CAS management
pages of the CAM web console, or the CAS
direct access console
• How to configure CAS pairs for High
Availability
OL-20326-01
About This Guide
Table 3 Cisco NAC Appliance Document Set
Document Title Refer to This Document For Information On:
Cisco NAC Profiler Installation and
Configuration Guide
Cisco NAC Appliance Migration Guide - Release
4.1(8) to Release 4.7(0)
Documentation Updates
Table 4 Updates to Cisco NAC Appliance Hardware Installation Guide, Release 4.8
Date Description
1/18/12 Release 4.8(3)
• Updated Upgrading Cisco NAC Appliance Software, page 2-27
• Details on installing and configuring the Cisco
NAC Profiler Server /Collector
• Upgrading from an earlier Cisco NAC
Appliance release on non-Cisco hardware to a
next generation (NAC-3315/3355/3395)
platform using the Cisco NAC Appliance
Migration utility
• Updated Release 4.8(3) screenshots as appropriate
6/2/11 Added a security advisory regarding the serial console connection to Serial Connection to
the CAM and CAS, page 3-39, Serial Connection, page 4-9, and Serial Port
High-Availability Connection, page 4-26
5/3/11 Release 4.8(2)
• Updated Upgrading Cisco NAC Appliance Software, page 2-27
• Updated Release 4.8(2) screenshots as appropriate
1/31/11 Release 4.8(1)
• Updated Upgrading Cisco NAC Appliance Software, page 2-27
• Updated Release 4.8(1) screenshots as appropriate
12/7/10 Added a note about number of users supported by NAC-3315 and NAC-3310, when they
are FIPS-Compliant, to
Cisco NAC-3315 Front and Rear Panels, page 1-5 and Cisco
NAC-3310 Front and Rear Panels, page 1-18
10/5/10 Updated the Hardware Specification for NAC-3315 in Cisco NAC Appliance Hardware
Summary
9/9/10 Added note about installing and running Release 4.8 on CCA-3140s to FIPS 140-2
Compliant and Non-FIPS Hardware Platforms, page 1-1 and Upgrading Cisco NAC
Appliance Software, page 2-27
8/16/10 Adjusted FIPS card position on NAC-3355/3395 chassis rear panel views:
• Cisco NAC-3355 Front and Rear Panels, page 1-8
• Cisco NAC-3395 Front and Rear Panels, page 1-12
7/26/10 Release 4.8
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
11
About This Guide
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly What’s
revised Cisco
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as an RSS feed and set content to be
delivered directly to your desktop using a reader application. The RSS feeds are a free service. Cisco currently
supports RSS
technical documentation, at:
Version 2.0.
New in Cisco Product Documentation, which also lists all new and
Cisco NAC Appliance Hardware Installation Guide
12
OL-20326-01
Cisco NAC Appliance Hardware Platforms
This chapter provides general information on the Cisco NAC Appliance network access control system,
as well as hardware specifications for all Clean Access Manager (CAM) and Clean Access Server (CAS)
platforms available from Cisco Systems, Inc.
This chapter covers the following topics:
• About Cisco NAC Appliance, page 1-1
• NAC-3315, NAC-3355, and NAC-3395, page 1-3
• NAC-3310, NAC-3350, and NAC-3390, page 1-16
• Cisco Product Identification Tool, page 1-27
About Cisco NAC Appliance
Cisco® NAC Appliance is a Network Admission Control (NAC) product that allows network
administrators to authenticate, authorize, evaluate, and remediate wired, wireless, and remote users and
their machines prior to allowing users onto the network. It identifies whether networked devices such as
laptops, desktops, and corporate assets are compliant with a network's security policies, and it repairs
any vulnerabilities before permitting access to the network.
Cisco NAC Appliance is a network-centric integrated solution administered from the web console of the
Clean Access Manager (CAM), enforced through the Clean Access Server (CAS), and applied on clients
through the Cisco NAC Agent and Cisco NAC Web Agent client software. You can deploy the Cisco
NAC Appliance solution in the configuration that best meets the needs of your network.
CHAPTER
1
FIPS 140-2 Compliant and Non-FIPS Hardware Platforms
FIPS 140-2 compliant and non-FIPS Cisco NAC Appliance hardware platforms are Linux-based network
hardware appliances which are pre-installed with either the CAM or CAS application, the operating
system, and all relevant components on a dedicated server machine. In Release 4.7(0) and later, the
operating system comprises a hardened Linux kernel based on CentOS 5.3. Cisco NAC Appliance does
not support the installation of any other packages or applications onto a CAM or CAS dedicated
machine.
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1-1
About Cisco NAC Appliance
Cisco NAC Appliance Releases 4.8(x) only support and can only be installed on the following Cisco
NAC Appliance platforms:
Platform FIPS Option Non-FIPS Option
NAC-3315 CAM/CAS
NAC-3355 CAM/CAS
NAC-3395 CAM
NAC-3310 CAM/CAS Yes (with FIPS card
NAC-3350 CAM/CAS Yes (with FIPS card
NAC-3390 CAM Yes (with FIPS card
NAC-3140 (EOL)
1. If the FIPS card in a Cisco NAC-3315/3355/3395 CAM/CAS ceases to work correctly, make sure the FIPS card operation
2. Cisco NAC Appliance Release 4.8(1) and later do not support CCA-3140.
3. The Cisco CCA-3140 (CCA-3140-H1) NAC Appliance (EOL) requires CD installation of either the Clean Access Server or
Chapter 1 Cisco NAC Appliance Hardware Platforms
1
1
1
2,3
switch is set to “O” (for operational mode), as described in the “FIPS 140-2 Compliance” section of the
Cisco NAC Appliance corresponding to your latest Cisco NAC Appliance release version. If the FIPS card is still not
operational, you will need to RMA the appliance with Cisco Systems and replace it with a new Cisco NAC-3315/3355/3395.
Refer to the “
Support document for details.
Clean Access Manager software. Due to limited hardware resources on the CCA-3140, some combinations of Release 4.8
features may cause undesirable system behavior. If you are experiencing problems with Release 4.8 on the CCA-3140, please
contact the Cisco Technical Assistance Center (TAC).
Cisco NAC Appliance RMA and Licensing” section of the Cisco NAC Appliance Service Contract/Licensing
Yes Yes
Yes Yes
Yes Yes
Yes
field-replaceable unit only)
Yes
field-replaceable unit only)
Yes
field-replaceable unit only)
No Yes
Release Notes for
Refer to the Release Notes for Cisco NAC Appliance corresponding to your latest Cisco NAC Appliance
release version, for additional hardware compatibility information, including issues regarding FIPS
140-2 compliance.
Table 1-1 and Table 1-2 summarize the hardware specifications for each Cisco NAC Appliance. See the
“Diagrams” column for links to detailed diagrams showing NIC ports, power supply sockets, LEDs and
buttons.
Cisco NAC Appliance Hardware Installation Guide
1-2
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
NAC-3315, NAC-3355, and NAC-3395
Table 1-1 Cisco NAC Appliance Hardware Summary
Cisco NAC
Appliance
NAC-3315
Product Hardware Specifications Diagrams
MANAGER
Lite Manager
supporting up to 3
standalone or
HA-pair CASs
SERVER
CAS supporting
100, 250, or 500
users
• Single processor: Quad-core Intel Xeon (Core 2
quad)
• 4GB RAM
• 2 x 250 GB SATA HDD
• 4 10/100/1000 LAN ports [2 integrated NICs; 2
Gigabit NICs (PCI-E)]
• CD/DVD-ROM Drive
• 4 USB Ports (2 front, 2 rear)
• Power supply: 350W
Note The NAC-3315 is based on the IBM System
x3250 M2 server platform.
NAC-3315, NAC-3355, and NAC-3395
• Figure 1-2 on
page 1-5 “Cisco
NAC-3315 Front
Panel”
• Figure 1-3 on
page 1-6 “Cisco
NAC-3315 Front
Panel LEDs/Buttons”
• Figure 1-4 on
page 1-6 “Cisco
NAC-3315 (With
Installed FIPS Card)
Rear Panel”
• Figure 1-5 on
page 1-7 “Cisco
NAC-3315 (With
Installed FIPS Card)
Rear Panel LEDs”
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1-3
Chapter 1 Cisco NAC Appliance Hardware Platforms
NAC-3315, NAC-3355, and NAC-3395
Table 1-1 Cisco NAC Appliance Hardware Summary (continued)
Cisco NAC
Appliance Product Hardware Specifications Diagrams
NAC-3355
NAC-3395
MANAGER
Standard Manager
supporting up to 20
standalone or
HA-pair CASs
SERVER
CAS supporting
1500, 2500, or
3500 and 5000
users
MANAGER
Super Manager
supporting up to 40
standalone or
HA-pair CASs
• Single processor: Quad-core Intel Xeon
(Nehalem)
• 4 GB RAM
• 2 x 300 GB SAS RAID HDD
• 4 10/100/1000 LAN ports [2 integrated NICs; 2
Gigabit NICs (PCI-E)]
• CD/DVD-ROM Drive
• 4 USB Ports (1 front, 1 internal, 2 rear)
• Cavium CN1120-NHB-E SSL Accelerator Card or
nCipher Card (FIPS 140-2 Level 2 Common
Criteria EAL2)
• Power supply: Dual 675W (redundant)
Note The NAC-3355 is based on the IBM System
x3550 M2 server platform.
• Dual processor: 2 x Quad-core Intel Xeon
(Nehalem)
• 8GB RAM
• 4 x 300 GB SAS RAID HDD
• 4 10/100/1000 LAN ports [2 integrated NICs; 2
Gigabit NICs (PCI-E)]
• CD/DVD-ROM Drive
• 4 USB Ports (1 front, 1 internal, 2 rear)
• Cavium CN1120-NHB-E SSL Accelerator Card or
nCipher Card (FIPS 140-2 Level 2 Common
Criteria EAL2)
• Power supply: Dual 675W (redundant)
Note The NAC-3395 is based on the IBM System
x3550 M2 server platform.
• Figure 1-7 on
page 1-8 “Cisco
NAC-3355 Front
Panel”
• Figure 1-8 on
page 1-9 “Cisco
NAC-3355 Front
Panel LEDs/Buttons”
• Figure 1-9 on
page 1-10 “Cisco
NAC-3355 (With
Installed FIPS Card)
Rear Panel”
• Figure 1-10 on
page 1-10 “Cisco
NAC-3355 (With
Installed FIPS Card)
Rear Panel LEDs”
• Figure 1-12 on
page 1-12 “Cisco
NAC-3395 Front
Panel”
• Figure 1-13 on
page 1-13 “Cisco
NAC-3395 Front
Panel LEDs/Buttons”
• Figure 1-14 on
page 1-14 “Cisco
NAC-3395 (With
Installed FIPS Card)
Rear Panel”
• Figure 1-15 on
page 1-14 “Cisco
NAC-3395 (With
Installed FIPS Card)
Rear Panel LEDs”
Cisco NAC Appliance Hardware Installation Guide
1-4
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
195683
Cisco NAC 3315 Series
NAC Manager
CISCO
XXXXNNNNNNN
NAC-3315 Serial Number Location
The serial number label is located at the lower left of the front-panel of the NAC-3315. (See Figure 1-1.)
Figure 1-1 NAC-3315 Appliance Serial Number Location
Note The serial number for the NAC-3315 is 7 characters long. You can also view the NAC-3315 serial
number location on the Cisco Support website using the Cisco Product Identification Tool. For details,
see Cisco Product Identification Tool, page 1-27.
NAC-3315, NAC-3355, and NAC-3395
Cisco NAC-3315 Front and Rear Panels
The Cisco NAC-3315 platform is recommended for Clean Access Lite Manager and Clean Access Server
(100/250/500 user count) deployments. A NAC-3315 CAM Lite can manage up to 3 Clean Access
Servers or 3 HA-CAS pairs. A NAC-3315 CAS can support 100, 250, or 500 users.
Note FIPS 140-2 compliant NAC-3315 CAS can support only 250 or 500 users.
The Cisco NAC-3315 comes equipped with 4 network interfaces to provide flexibility in NIC interface
selection and to facilitate CAS high availability configuration.
For additional details, see FIPS 140-2 Compliant and Non-FIPS Hardware Platforms, page 1-1.
Front Panel Features
Figure 1-2 Cisco NAC-3315 Front Panel
1 3 4
2
CISCO
Cisco NAC 3315 Series
NAC Manager
195197
1
Front USB port 1
2
Front USB port 2
3
Hard disk drive (HDD) bay 0
OL-20326-01
5
4
Hard disk drive (HDD) bay 2
5
CD-ROM/DVD drive
Cisco NAC Appliance Hardware Installation Guide
1-5
NAC-3315, NAC-3355, and NAC-3395
12 11 9 7 6
10 8
195199
1
53
42
Figure 1-3 Cisco NAC-3315 Front Panel LEDs/Buttons
2
1
1
2
3
4
5
6
Chapter 1 Cisco NAC Appliance Hardware Platforms
4
5
3
6
Cisco NAC 3315 Series
CISCO
NAC Manager
195198
Power status LED Green = The appliance has AC power and is powered up
Off = The appliance is powered off (AC power disconnected)
Power button (recessed)
Reset button (recessed)
HDD activity LED Flashing green = Ongoing drive activity
Off = No drive activity
Locator button/LED Flashing blue = The Locator button has been pressed
System health LED Off = System health is normal
Amber = A pre-failure system threshold has been breached. This
can be any of the following:
• At least one fan failure (system or processor fan)
• At least one of the temperature sensors reached critical level
(system or processor thermal sensors)
Rear Panel Features
Figure 1-4 Cisco NAC-3315 (With Installed FIPS Card) Rear Panel
1
2
3
Power supply cable socket
NIC 3 (eth2) add-on card
NIC 4 (eth3) add-on card
• At least one memory module failure
• A power supply unit error has occurred
7
Video port
8
NIC 2 (eth1) GbE interface
9
NIC 1 (eth0) GbE interface
Cisco NAC Appliance Hardware Installation Guide
1-6
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
2 5
3 4
195200
1
NAC-3315, NAC-3355, and NAC-3395
4
FIPS card mini-DIN Smart card reader port
5
FIPS card mode switch
6
Serial port
Figure 1-5 Cisco NAC-3315 (With Installed FIPS Card) Rear Panel LEDs
1
FIPS card status LED Solid blue occasionally blinking off = FIPS card is enabled and
accepting commands
10
Rear USB port 4
11
Rear USB port 3
12
Console port
Two short blue flashes followed by a pause = FIPS card is in
initialization mode
Two longer blue flashes followed by a pause = FIPS card is in
maintenance mode
Repeatedly flashing morse code distress call (. . . - - - . . .)—three
short blue flashes followed by three longer blue flashes followed
again by three more short blue flashes = FIPS card is in error mode
Off = There is no power source connected to the FIPS card
2
NIC 1 (eth0) activity LED Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
3
NIC 1 (eth0) link LED Green = Link exists
Off = No link exists
4
NIC 2 (eth1) activity LED Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
5
NIC 2 (eth1) link LED Green = Link exists
Off = No link exists
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1-7
NAC-3315, NAC-3355, and NAC-3395
NAC-3355 Serial Number Location
The serial number label is located at the lower left of the front-panel of the NAC-3355. (See Figure 1-6.)
Figure 1-6 NAC-3355 Appliance Serial Number Location
XXXXNNNNNNN
Note The serial number for the NAC-3355 is 7 characters long. You can also view the NAC-3315 serial
number location on the Cisco Support website using the Cisco Product Identification Tool. For details,
see Cisco Product Identification Tool, page 1-27.
Chapter 1 Cisco NAC Appliance Hardware Platforms
Cisco NAC 3355 Series
NAC Manager
CISCO
195684
Cisco NAC-3355 Front and Rear Panels
The Cisco NAC-3355 FIPS 140-2 compliant platform provides enhanced capability for enterprise wide
Clean Access Standard Manager and Clean Access Server (1500/2500/3500 user count) deployments. A
NAC-3355 Standard CAM can manage up to 20 Clean Access Servers or 20 HA-CAS pairs. A
NAC-3355 CAS can support up to 1500, 2500, or 3500 users.
Similar to the Cisco NAC-3315, the Cisco NAC-3355 comes equipped with 4 network interfaces to
provide flexibility in NIC interface selection and facilitate CAS high availability configuration. The
Cisco NAC-3355 additionally provides 2 GB of RAM, two SAS drives configured in RAID 0 and 1, dual
power supplies, and an SSL accelerator card to support large network deployments and provide added
reliability for a centralized CAM/CAS deployment in the network core.
For additional details, see FIPS 140-2 Compliant and Non-FIPS Hardware Platforms, page 1-1.
Front Panel Features
Figure 1-7 Cisco NAC-3355 Front Panel
1 2 3 4 5 6 7 8
13 12 11
Cisco NAC 3355 Series
NAC Manager
910
CISCO
195201
1
Hard disk drive (HDD) bay 0
2
Empty (unused) hard disk drive (HDD) bay
3
Empty (unused) hard disk drive (HDD) bay
4
Power button with LED indicator (bicolor:
green/amber)
Cisco NAC Appliance Hardware Installation Guide
1-8
8
Front USB port 1
1
9
Front USB port 2
1
10
CD-ROM/DVD drive
11
Empty (unused) hard disk drive (HDD) bay
OL-20326-01
1
Chapter 1 Cisco NAC Appliance Hardware Platforms
Cisco NAC 3355 Series
NAC Manager
CISCO
1
2
3 4 5 6 7
8910
NAC-3315, NAC-3355, and NAC-3395
5
Operator information panel
6
Operator information panel release switch
7
Video port
1. Cisco does not support installing additional hard drives in the NAC-3355 appliance.
Figure 1-8 Cisco NAC-3355 Front Panel LEDs/Buttons
1
HDD activity LED Green = Hard disk drive activity
12
Empty (unused) hard disk drive (HDD) bay
13
Hard disk drive (HDD) bay 1
Flashing Green = Hard disk drive activity
Off = Hard disk drive is idle or disabled
2
HDD status LED Amber = Hard disk drive is in error state
Off = Hard disk drive is functioning or disconnected from power
3
Power switch button cover Slides left and right to expose or protect power switch
4
Ethernet icon LED Green = Ethernet interfaces are configured and up
Off = No Ethernet interfaces are currently configured or Ethernet
interfaces are all down
5
Ethernet interface activity
LEDs (NIC 1 and NIC 2)
Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
6
Information LED Amber = A non-critical system event has occurred
Off = System is functioning normally
7
System health LED Off = System health is normal
Amber = A pre-failure system threshold has been breached. This
can be any of the following:
• At least one fan failure (system or processor fan)
• At least one of the temperature sensors reached critical level
(system or processor thermal sensors)
1
OL-20326-01
• At least one memory module failure
• A power supply unit error has occurred
Cisco NAC Appliance Hardware Installation Guide
1-9
NAC-3315, NAC-3355, and NAC-3395
195204
1 2
4
11
12
3 5
9
7
6
1013
8
4 5 6
195205
1 2 3
8
7
9
8
9
10
Rear Panel Features
Figure 1-9 Cisco NAC-3355 (With Installed FIPS Card) Rear Panel
Chapter 1 Cisco NAC Appliance Hardware Platforms
Front Locator button/LED Flashing blue = The Locator button has been pressed.
Ethernet interface activity
LEDs (NIC 3 and NIC 4)
Power button with LED Green = The appliance has AC power and is powered up
Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
Rapidly flashing green = The appliance is off and is not yet ready
to be turned on (the appliance typically only remains in this state
for 1 to 3 minutes)
Slowly flashing green = The appliance is currently off and ready to
be turned on
slowly fading on/off green = The appliance is in power-save mode
and is ready to be turned on
Off = The appliance is powered off (AC power disconnected)
1
2
3
4
5
6
7
Figure 1-10 Cisco NAC-3355 (With Installed FIPS Card) Rear Panel LEDs
FIPS card mini-DIN Smart card reader port
FIPS card mode switch
Video port
Empty (unused) PCI slot
Rear USB port 4
Power supply cable sockets
Rear USB port 3
8
Serial port
9
NIC 2 (eth1) GbE interface
10
NIC 1 (eth0) GbE interface
11
NIC 4 (eth3) add-on card
12
NIC 3 (eth2) add-on card
13
Console port
Cisco NAC Appliance Hardware Installation Guide
1-10
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
1
FIPS card status LED Solid blue occasionally blinking off = FIPS card is enabled and
2
NIC 1 (eth0) activity LED Green = Activity exists
3
NIC 1 (eth0) link LED Green = Link exists
4
AC power LED Green = AC power source is connected to power supply
5
DC power LED Green = DC power source is connected to power supply
6
Power supply error LED Amber = Power source to power supply is present, but power
7
System error LED Amber = Indicates that a system error has occurred
8
Rear Locator LED Flashing blue = The Front Locator button has been pressed
9
Power LED Green = The appliance has AC power and is powered up
NAC-3315, NAC-3355, and NAC-3395
accepting commands
Two short blue flashes followed by a pause = FIPS card is in
initialization mode
Two longer blue flashes followed by a pause = FIPS card is in
maintenance mode
Repeatedly flashing morse code distress call (. . . - - - . . .)—three
short blue flashes followed by three longer blue flashes followed
again by three more short blue flashes = FIPS card is in error mode
Off = There is no power source connected to the FIPS card
Flashing green = Activity exists
Off = No activity exists
Off = No link exists
Off = No AC power source is connected to power supply
Off = No DC power source is connected to power supply
supply is in error state
Off = Power supply is functioning normally (if AC and DC power
indicators are green) or power supply is disconnected
Off = The system is functioning normally
Rapidly flashing green = The appliance is off and is not yet ready
to be turned on (the appliance typically only remains in this state
for 1 to 3 minutes)
Slowly flashing green = The appliance is currently off and ready
to be turned on
slowly fading on/off green = The appliance is in power-save mode
and is ready to be turned on
Off = The appliance is powered off (power is disconnected)
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1-11
NAC-3315, NAC-3355, and NAC-3395
Cisco NAC 3395 Series
NAC Manager
1 2 3 4 5 6 7 8
910
13 12 11
195206
CISCO
NAC-3395 Serial Number Location
The serial number label is located at the lower left of the front-panel of the NAC-3355. (See
Figure 1-11.)
Figure 1-11 NAC-3395 Appliance Serial Number Location
XXXXNNNNNNN
Note The serial number for the NAC-3395 is 7 characters long. You can also view the NAC-3315 serial
number location on the Cisco Support website using the Cisco Product Identification Tool. For details,
see Cisco Product Identification Tool, page 1-27.
Chapter 1 Cisco NAC Appliance Hardware Platforms
Cisco NAC 3355 Series
NAC Manager
CISCO
195684
Cisco NAC-3395 Front and Rear Panels
The Cisco NAC-3395 FIPS 140-2 compliant platform provides the enhanced processing, memory, and
power necessary for enterprise wide deployment of the Clean Access Super Manager (Super CAM)
which can support up to 40 Clean Access Servers or 40 HA-CAS pairs. The Cisco NAC-3390 features
dual processors, dual power supplies, 4 GB of RAM, 4 hard disk drives, 4 network interfaces, and an
SSL accelerator card. For additional details, see
Platforms, page 1-1.
Note The Super CAM software is supported only on the Cisco NAC-3395 and Cisco NAC-3390 platforms.
Front Panel Features
Figure 1-12 Cisco NAC-3395 Front Panel
FIPS 140-2 Compliant and Non-FIPS Hardware
1
Hard disk drive (HDD) bay 0
2
Hard disk drive (HDD) bay 2
3
Empty (unused) hard disk drive (HDD) bay
4
Power button with LED indicator (bicolor:
green/amber)
Cisco NAC Appliance Hardware Installation Guide
1-12
8
Front USB port 1
9
Front USB port 2
1
10
CD-ROM/DVD drive
1
11
Empty (unused) hard disk drive (HDD) bay
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
Cisco NAC 3395 Series
NAC Manager
CISCO
1
2
3 4 5 6 7
8910
NAC-3315, NAC-3355, and NAC-3395
5
Operator information panel
6
Operator information panel release switch
7
Video port
1. Cisco does not support installing additional hard drives in the NAC-3395 appliance.
Figure 1-13 Cisco NAC-3395 Front Panel LEDs/Buttons
1
HDD activity LED Green = Hard disk drive activity
12
Hard disk drive (HDD) bay 3
13
Hard disk drive (HDD) bay 1
Flashing Green = Hard disk drive activity
Off = Hard disk drive is idle or disabled
2
HDD status LED Amber = Hard disk drive is in error state
Off = Hard disk drive is functioning or disconnected from power
3
Power switch button cover Slides left and right to expose or protect power switch
4
Ethernet icon LED Green = Ethernet interfaces are configured and up
Off = No Ethernet interfaces are currently configured or Ethernet
interfaces are all down
5
Ethernet interface activity
LEDs (NIC 1 and NIC 2)
Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
6
Information LED Amber = A non-critical system event has occurred
Off = System is functioning normally
7
System health LED Off = System health is normal
Amber = A pre-failure system threshold has been breached. This
can be any of the following:
• At least one fan failure (system or processor fan)
• At least one of the temperature sensors reached critical level
(system or processor thermal sensors)
OL-20326-01
• At least one memory module failure
• A power supply unit error has occurred
Cisco NAC Appliance Hardware Installation Guide
1-13
NAC-3315, NAC-3355, and NAC-3395
195204
1 2
4
11
12
3 5
9
7
6
1013
8
4 5 6
195205
1 2 3
8
7
9
8
9
10
Rear Panel Features
Figure 1-14 Cisco NAC-3395 (With Installed FIPS Card) Rear Panel
Chapter 1 Cisco NAC Appliance Hardware Platforms
Locator button/LED Flashing blue = The Locator button has been pressed.
Ethernet interface activity
LEDs (NIC 3 and NIC 4)
Power button/LED Green = The appliance has AC power and is powered up
Green = Activity exists
Flashing green = Activity exists
Off = No activity exists
Rapidly flashing green = The appliance is off and is not yet ready
to be turned on (the appliance typically only remains in this state
for 1 to 3 minutes)
Slowly flashing green = The appliance is currently off and ready to
be turned on
slowly fading on/off green = The appliance is in power-save mode
and is ready to be turned on
Off = The appliance is powered off (AC power disconnected)
1
2
3
4
5
6
7
Figure 1-15 Cisco NAC-3395 (With Installed FIPS Card) Rear Panel LEDs
FIPS card mini-DIN Smart card reader port
FIPS card mode switch
Video port
Empty (unused) PCI slot
Rear USB port 4
Power supply cable sockets
Rear USB port 3
8
Serial port
9
NIC 2 (eth1) GbE interface
10
NIC 1 (eth0) GbE interface
11
NIC 4 (eth3) add-on card
12
NIC 3 (eth2) add-on card
13
Console port
Cisco NAC Appliance Hardware Installation Guide
1-14
OL-20326-01
Chapter 1 Cisco NAC Appliance Hardware Platforms
1
FIPS card status LED Solid blue occasionally blinking off = FIPS card is enabled and
2
NIC 1 (eth0) activity LED Green = Activity exists
3
NIC 1 (eth0) link LED Green = Link exists
4
AC power LED Green = AC power source is connected to power supply
5
DC power LED Green = DC power source is connected to power supply
6
Power supply error LED Amber = Power source to power supply is present, but power
7
System error LED Amber = Indicates that a system error has occurred
8
Rear Locator LED Flashing blue = The Front Locator button has been pressed
9
Power LED Green = The appliance has AC power and is powered up
NAC-3315, NAC-3355, and NAC-3395
accepting commands
Two short blue flashes followed by a pause = FIPS card is in
initialization mode
Two longer blue flashes followed by a pause = FIPS card is in
maintenance mode
Repeatedly flashing morse code distress call (. . . - - - . . .)—three
short blue flashes followed by three longer blue flashes followed
again by three more short blue flashes = FIPS card is in error mode
Off = There is no power source connected to the FIPS card
Flashing green = Activity exists
Off = No activity exists
Off = No link exists
Off = No AC power source is connected to power supply
Off = No DC power source is connected to power supply
supply is in error state
Off = Power supply is functioning normally (if AC and DC power
indicators are green) or power supply is disconnected
Off = The system is functioning normally
Rapidly flashing green = The appliance is off and is not yet ready
to be turned on (the appliance typically only remains in this state
for 1 to 3 minutes)
Slowly flashing green = The appliance is currently off and ready
to be turned on
slowly fading on/off green = The appliance is in power-save mode
and is ready to be turned on
Off = The appliance is powered off (power is disconnected)
OL-20326-01
Cisco NAC Appliance Hardware Installation Guide
1-15
NAC-3310, NAC-3350, and NAC-3390
NAC-3310, NAC-3350, and NAC-3390
Table 1-2 Cisco NAC Appliance Hardware Summary
Cisco NAC
Appliance
NAC-3310
1,2
Product Hardware Specifications Diagrams
MANAGER
Lite Manager
supporting up to 3
standalone or
HA-pair CASs
SERVER
CAS supporting
100, 250, or 500
users
• Single processor: Xeon 2.33 GHz dual core
• 1 GB RAM
• 160 GB NHP SATA HDD
Note Newer Cisco NAC-3310 CAMs/CASs feature a
160GB hard drive, while older NAC-3310s
originally shipped with 80GB hard drives. Both
of these hard drive sizes support High
Availability (HA) deployments, and you can
safely deploy a 160GB model in an HA pair
with an 80GB model.
• 4 10/100/1000 LAN ports [2 Broadcom 5721
integrated NICs; 2 Intel e1000 PCI-X NICs (HP
#NC360T)]
• CD/DVD-ROM Drive
• 4 USB Ports (2 front, 2 rear)
Note The NAC-3310 is based on the HP ProLiant
DL140 G3 server platform.
Chapter 1 Cisco NAC Appliance Hardware Platforms
• Figure 1-16 on
page 1-18 “Cisco
NAC-3310 Front
Panel”
• Figure 1-17 on
page 1-19 “Cisco
NAC-3310 Front
Panel LEDs/Buttons”
• Figure 1-18 on
page 1-20 “Cisco
NAC-3310 Rear
Panel”
• Figure 1-19 on
page 1-20 “Cisco
NAC-3310 Rear
Panel LEDs”
Cisco NAC Appliance Hardware Installation Guide
1-16
OL-20326-01
Loading...