Specifications
9-52
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment
Configuring Agent-Based Posture Assessment
Note The Mac OS X Agent does not support automatic remediation. Therefore, the Remediation functions that
appear on the New Requirement configuration page (Remediation Type, Interval, and Retry Count) do
not serve any purpose when creating requirement types for Macintosh client remediation.
Step 5 If you want to enable and configure Auto Remediation for the Agent:
a. Choose the Remediation Type [Manual | Automatic] from the dropdown menu. Choosing Manual
preserves previous Agent behavior. The user has to click through each of the requirements using the
Next/Skip button in the Agent. Choosing Automatic sets the Agent to perform Auto Remediation,
where the Agent automatically performs updates or launches required programs on the client after
the user logs in.
b. If you configure the requirement to use automatic remediation, specify the Interval in seconds (the
default interval is 0). Depending on the requirement type, this interval either sets the delay before
the Agent re-attempts remediation or sets the total time allowed for a particular remediation process.
c. Enter the Retry Count []. Specifying a retry count sets a limit on the number of times the Agent
automatically retries the requirement if it initially fails. (The default retry count setting is 0.)
For details on configuring Auto Remediation, see Configuring Auto Remediation for Requirements,
page 9-98.
Note The Cisco NAC Web Agent does not support Auto Remediation.
Step 6 Choose an Antivirus Product Name from the dropdown menu or choose ANY. The Products table lists
all the virus definition product versions supported per client OS.
Note Cisco recommends specifying vendor names when appropriate because choosing the ANY option can
affect the Agent’s performance (the process takes longer) on the client machine.
Step 7 For the Requirement Name, type a unique name to identify this AV virus definition file requirement in
the Agent. The name will be visible to users on the Agent dialogs.
Step 8 In the Description field, type a description of the requirement and instructions to guide users who fail
to meet the requirement. For an AV Definition Update requirement, you should include instructions to
alert Cisco NAC Web Agent users of the requirement and for Cisco NAC Agent users to click the
Update/Remediate button to update their systems.
Note Some of the default user messages in the Agent dialogs are very similar between various rules and/or
requirements. To ensure the user clearly understands the remediation issue at hand, Cisco strongly
recommends providing an appropriate message in this field describing the nature and purpose of the
given function.
Step 9 Click the checkbox for at least one client Operating System (at least one must be chosen).
Step 10 Click Add Requirement to add the requirement to the Requirement List.