Cisco NAC Agent

Cisco Network Admission Control (NAC) protects the Wellesley College network as well as all of the computers connected to it by requiring each Windows and Mac computer connected to the Wellesley College network to install the Cisco NAC Agent and authenticate to gain network access.

• Frequently Asked Questions
  • Using an Apple Time Capsule on campus
• Installing the Cisco NAC Agent on Windows
• Installing the Cisco NAC Agent on Mac OS X

Frequent Questions

Q: Why was the name changed from Clean Access to NAC?

A: NAC stands for Network Admission Control, which is the typical name for similar devices in the industry.  Clean Access was the name of the product when Cisco purchased the Perfigo company a few years ago.

Q: Why is Wellesley upgrading to a new version of Cisco NAC?

A: The new version of Cisco NAC provides support for a number of software not supported in the previous version. This includes Windows 7 32bit and 64bit, Windows Vista 64bit, Mac OS X 10.6 (Snow Leopard), the latest versions of McAfee and Norton consumer anti-virus applications, and more.

Q: What does the Cisco NAC Agent do?

A: The Cisco NAC Agent does two things:

• It will prompt you to log in when your computer needs to re-authenticate. Re-authentication typically occurs if either your computer is disconnected from the network (unplugged, put into sleep mode, powered off, etc.) for more than 20 minutes, or if your computer has been continually connected for seven days.
• During authentication on Windows computers, the Agent will scan your computer to make sure that you meet the security requirements.

Q: What are the current security requirements?

A: Security requirements differ based on a computer's operating system.

Windows computers are required to have the Agent installed, the latest critical and important Windows Updates installed from Microsoft, be configured to download and install those updates automatically, up-to-date supported anti-virus protection, and Malwarebytes' Anti-Malware.

Macintosh computers currently are only required to have the Agent installed and do not require any security checks.

Q: What if I have a network device that isn't a Mac or Windows computer?

A:   Other devices, such as computers running Linux, mobile phones, or game consoles, are currently only required to authenticate through a web browser.   These devices are usually detected properly and allow you to authenticate through a web browser without requiring a client. 

If you have a network device that is not able to login through a web browser, such as mobile phone or game consoles, please contact the Help Desk at x3333 (faculty & staff) or x7777 (students). If your device is portable (mobile phone, PDA, iPhone, etc.), you will need to bring it to the Computing Help Desk for the exemption.
 

Q: How do I setup an Apple Time Capsule on campus so I can backup my computer?

A: Apple's Time Capsule is designed for home networks as both a backup server and wireless router.  Since Wellesley's network is much more complex than a home network, you will need to disable the wireless router functionality while you are using it on campus. You can then connect to it to backup your computer by using an ethernet cable.  Directions on how to do this can be found here.