e Trust Agent for Cisco Network TM Admission Control (NAC) Installation Guide r1 G01028-1E
This documentation and related computer software program (hereinafter referred to as the "Documentation") is for the end user's informational purposes only and is subject to change or withdrawal by Computer Associates International, Inc. ("CA") at any time. This documentation may not be copied, transferred, reproduced, disclosed or duplicated, in whole or in part, without the prior written consent of CA.
Contents Chapter 1: Overview 5 How the eTrust Agent for Cisco NAC Works ..................................................... Computer Associates NAC-Enabled Applications ................................................. System Requirements .......................................................................... Product Components ...........................................................................
Chapter 1: Overview This chapter provides a brief description of how the eTrust Agent for Cisco Network Admission Control (NAC) works and lists the Computer Associates applications that are currently NAC-enabled. In addition, this chapter describes system requirements and product components. Note: This document assumes that Cisco NAC is fully installed and running in your network environment.
Computer Associates NAC-Enabled Applications Computer Associates NAC-Enabled Applications The following Computer Associates applications are NAC-enabled: InoculateIT 6 eTrust Antivirus r6, r7, r7.x eTrust PestPatrol Anti-Spyware r5 eTrust PestPatrol Anti-Spyware Corporate Edition r5 The eTrust Agent for Cisco NAC discovers the posture attributes of these applications if they exist on an end-point device.
Product Components Product Components The eTrust Agent for Cisco NAC consists of the following components: cai-pp.txt The cai-pp.txt file contains information for Computer Associates applications in the form of attribute/value pairs. You use this file with the CSUtil.exe program to add the Compute Associates product attribute definitions to the Cisco Secure ACS NAC database. cai-pp.dll The cai-pp.
Chapter 2: Setting Up eTrust Agent for Cisco NAC This chapter contains procedures for setting up eTrust Agent for Cisco NAC.
Add Computer Associates Attributes to the NAC Database Add Computer Associates Attributes to the NAC Database Before you can define policies for Computer Associates posture attributes, you must first add the attribute/value pairs to the Cisco Secure ACS NAC database. Note: The following procedure assumes Cisco Secure ACS 3.3 is installed at: C:\Program Files\CiscoSecure ACS v3.3 To add Computer Associates attributes to the Cisco Secure ACS NAC database, follow these steps: 1.
Install the eTrust Agent for Cisco NAC Install the eTrust Agent for Cisco NAC Install the eTrust Agent for Cisco NAC on all end-point devices, such as desktop computers, workstations, laptops, and servers that connect to or use network resources. To install the eTrust Agent for Cisco NAC on an end-point device, follow these steps: 1. From the directory you downloaded the eTrust Agent for Cisco NAC, distribute CAPPInstall.exe to all end-point devices. 2.
Appendix A: Computer Associates Attribute Information This appendix contains the attribute information for Computer Associates applications that are NAC-enabled. For information on how to manage NAC attributes, refer to the Cisco document NAC Attribute Management. Application Types The Cisco Trust Agent uses a Cisco-defined application type to uniquely identify and report posture attributes of NAC-enabled products from a single vendor.
eTrust Antivirus Attributes eTrust Antivirus Attributes Cisco has defined eight standard NAC attributes for anti-virus applications.
eTrust PestPatrol Anti-Spyware Attributes eTrust PestPatrol Anti-Spyware Attributes Cisco has defined eight standard NAC attributes for anti-spyware applications.
