Technical Manual
● Cisco Identity Service Engine version 2.1
● Wireless LAN Controller (WLC) 8.0.121.0
● Qualys Guard Scanner 8.3.36-1, Signatures 2.3.364-2
● Windows 7 Service Pack 1
Configure
High Level Flow Diagram
This is the flow:
1. The client connects to the network; limited access is given and a profile with the Assess Vulnerabilities checkbox enabled is assigned.
2. The PSN node sends a Syslog message to the MNT node confirming that authentication took place and that a VA Scan was the result of the Authorization Policy.
3. The MNT node submits SCAN to the TC-NAC node (using Admin WebApp) using this data:
   - MAC Address
   - IP Address
   - Scan Interval
   - Periodic Scan Enabled
   - Originating PSN
4. Qualys TC-NAC (encapsulated in a Docker container) communicates with Qualys Cloud (via REST API) to trigger a scan if needed.
5. Qualys Cloud instructs Qualys Scanner to scan the endpoint.
6. Qualys Scanner sends the results of the scan to the Qualys Cloud.
7. Results of the scan are sent back to TC-NAC:
   - MAC Address
   - All CVSS Scores