Manualshelf

Technical Manual

ManualsBrandsCisco Manualssecurity management softwareCisco Identity Services Engine Software
11121314151617181920
They are sent to network devices within Access-Accept packet, although the real purpose of them
is to tell MNT Node that Scan should be triggered. MNT instructs TC-NAC node to communicate
with Qualys Cloud.
Step 5. Configure Authorization Policies
Configure Authorization Policy to use the new Authorization Profile configured in step 4.
Navigate to Policy > Authorization > Authorization Policy, locate
Basic_Authenticated_Access rule and click on Edit. Change the Permissions from
PermitAccess to the newly created Standard VA_Scan. This causes a Vulnerability Scan for
all users. Click on Save.
Create Authorization Policy for Quarantined machines. Navigate to Policy > Authorization >
Authorization Policy > Exceptions and create an Exception Rule. Click on Conditions >
Create New Condition (Advanced Option) > Select Attribute, scroll down and select Threat.
Expand the Threat attribute and select Qualys-CVSS_Base_Score. Change the operator to
Greater Than and enter a value according to your Security Policy. Quarantine authorization
profile should give limited access to the vulnerable machine.