Specifications
9-56
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment
Configuring Agent-Based Posture Assessment
Figure 9-25 New AS Definition Update Requirement
Step 2
For Requirement Type choose AS Definition Update
Step 3 Choose an Enforce Type from the dropdown menu:
• Mandatory—Enforce requirement.The user is informed of this requirement and cannot proceed or
have network access unless the client system meets it.
• Optional— Do not enforce requirement. The user is informed of the requirement but can bypass it
if desired (by clicking Next/Skip in the Agent dialog). The client system does not have to meet the
requirement for the user to proceed or have network access.
• Audit—Silently audit. The client system is checked “silently” for the requirement without notifying
the user, and a report is automatically generated and sent back to the CAS. (Audit requirements do
not appear in the Mac OS X user’s Assessment Report window.) The report results (pass or fail) do
not affect user network access.
Refer to Configuring an Optional/Audit Requirement, page 9-94 for details.
Step 4 Choose the Priority of execution for this requirement on the client.
Note The Mac OS X Agent does not support automatic remediation. Therefore, the Remediation functions that
appear on the New Requirement configuration page (Remediation Type, Interval, and Retry Count) do
not serve any purpose when creating requirement types for Macintosh client remediation.
Step 5 If you want to enable and configure Auto Remediation for the Agent:
a. Choose the Remediation Type [Manual | Automatic] from the dropdown menu. Choosing Manual
preserves previous Agent behavior. The user has to click through each of the requirements using the
Next/Skip button in the Agent. Choosing Automatic sets the Agent to perform Auto Remediation,
where the Agent automatically performs updates or launches required programs on the client after
the user logs in.