Anyone used Cisco Network Admission Control (NAC) solution?

On a large Cisco network where Cisco port security is enabled, I have found it possible to bypass port security through cloning the wired mac address (and unplugging the cloned device, obviously).

Is the Cisco NAC solution smart enough not to fall for mac address spoofing?