Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
21222324252627282930
1-6
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 1 Introduction
Client Login Overview
This guide describes the global configuration and administration of Clean Access Servers and Cisco
NAC Appliance deployment using the Clean Access Manager web admin console.
For a summary of CAS operating modes, see Add Clean Access Servers to the Managed Domain,
page 2-2. For complete details on CAS deployment, see the Cisco NAC Appliance - Clean Access Server
Configuration Guide, Release 4.9(x).
For details on OOB implementation and configuration, see Chapter 3, “Switch Management:
Configuring Out-of-Band Deployment.
For details on options configured locally on the CAS, such as DHCP configuration, Cisco VPN
Concentrator integration, or local traffic policies, see the Cisco NAC Appliance - Clean Access Server
Configuration Guide, Release 4.9(x).
Cisco NAC Appliance Agents
When enabled for your Cisco NAC Appliance deployment, the Agent can ensure that computers
accessing your network meet the system requirements you specify. The Agent is a read-only, easy-to-use,
small-footprint program that resides on Windows user machines. When a user attempts to access the
network, the Agent checks the client system for the software you require, and helps users acquire any
missing updates or software.
Agent users who fail the system checks you have configured are assigned to the Agent Temporary role.
This role gives users limited network access to access the resources needed to comply with the Agent
requirements. Once a client system meets the requirements, it is considered “clean” and allowed network
access.
The Cisco NAC Appliance Agent types available in Cisco NAC Appliance are:
Cisco NAC Agent (persistent Agent for Windows client machines)
Windows Clean Access Agent (persistent Agent for Windows client machines available prior to
release 4.6(1))
Mac OS X Agent (persistent Agent for Macintosh client machines)
Cisco NAC Web Agent (temporal Agent for Windows client machines)
For more information on the Agent types available in Cisco NAC Appliance, see Chapter 10, “Cisco
NAC Appliance Agents.
Cisco NAC Appliance Updates
Regular updates of pre-packaged policies/rules can be used to check the up-to-date status of operating
systems, antivirus/antispyware software, and other client software. Cisco NAC Appliance provides
built-in support for major AV and AS vendors. For complete details, see Retrieving Cisco NAC
Appliance Updates, page 9-12.
Client Login Overview
Agent scanning and/or network scanning must first be enabled under Device Management > Clean
Access > General Setup before configuring posture assessment.
The Agent Login subpage enables Agent controls per user role/OS.