openNAC Core Architecture¶
openNAC Enterprise solution is the next step in the evolution of data Network Access Control Solutions. openNAC is a simple but feature-rich and flexible solution to build and control enterprise Network Access, which combines existing OpenSource technologies with advanced features for multi-tenancy, automatic provision and elasticity. openNAC follows a bottom-up approach driven by sysadmins, devops and users real needs.
Architecture Overview¶
openNAC Core Software Architecture includes different technologies and modules. These modules are:
- Apache technology that is being used by Administration Portal, openNAC Agent, Captive Portal and API Access.
- FreeRadius technology that coverts AAAA Services (Authentication, Authorization, Accounting, Auditing).
- MySQL technology that store configuration and collected data.
- Redis technology that provide really fast access to events and internal processes such as workers, DHCP Reader, SNMP Trap…
- Gearman Queues, These are consumed by workers.
- Workers technology that carry out asynchronous processes such as Plugins.
- Collectd technology that is being used to create openNAC trending status Dashboards.
Sizing an openNAC CORE Instance¶
The dimension of Network Access solution infrastructure can be directly inferred from the expected workload in terms of users, IPs, types of authentication or use cases deployed that the NAC must sustain. The workload may be complicated to estimate, but this is a crucial exercise to build an efficient NAC Architecture.
The hardware specs for the openNAC solutions are:
| Resources | Minimum | Recommended configuration |
|---|---|---|
| Memory | 16 GB | 32 GB |
| CPU | 8 CPUs | 16 CPUs |
| Disk Size | 100 GB | 100 GB |
| Disk Type | SCSI/SATA | SSD |
| Network | 2 NIC | 2 NIC |
Note
Two network interfaces are required, one for administration and one for production purposes.
Administration Portal¶
The machine that holds the openNAC Administration portal is the openNAC Core, this administration Portal is the main interface to configure, operate and monitor openNAC technologies.
For more information about web console review openNAC Web Console.