Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
301302303304305306307308309310
CHAPTER
9-1
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
9
Configuring Cisco NAC Appliance for Agent
Login and Client Posture Assessment
This chapter describes how to configure Agent distribution and installation for client machines, as well
as configure client posture assessment in the Cisco NAC Appliance system.
Overview, page 9-1
Add Default Login Page, page 9-3
Configure Agent Roles and User Profiles, page 9-3
Require Agent Login for Client Machines, page 9-3
Retrieving Cisco NAC Appliance Updates, page 9-12
Setting Up Agent Distribution/Installation, page 9-17
Configuring Agent-Based Posture Assessment, page 9-39
Post-Configuration and Agent Maintenance on the CAM, page 9-100
Overview
The Cisco NAC Agent and Cisco NAC Web Agent provide local posture assessment and remediation for
client machines.
Users download and install the Cisco NAC Agent (read-only client software), which can check the host
registry, processes, applications, and services. The Agent can be used to perform antivirus or
antispyware definition updates, distribute files uploaded to the Clean Access Manager, distribute website
links to websites in order for users to download files to fix their systems, or simply distribute
information/instructions.
Unlike the Cisco NAC Agent, the Cisco NAC Web Agent is not “persistent,” thus it only exists on the
client machine long enough to accommodate a single user session. Instead of downloading and installing
an Agent application, once the user opens a browser window, logs in to the NAC Appliance web login
page, and chooses to launch the temporal Cisco NAC Web Agent, a self-extracting Agent installer
downloads files to the client machine’s temporary directory, performs posture assessment/scans the
system to ensure security compliance, and report compliance status back to the Cisco NAC Appliance
system. For more information on Cisco NAC Appliance Agents, see Chapter 10, “Cisco NAC Appliance
Agents.
Agent posture assessment is configured in the CAM by creating requirements based on rules and
(optionally) checks, then applying the requirements to user roles/client operating systems. For an
illustrated overview, see Figure 9-10 on page 9-41.