Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
371372373374375376377378379380
9-66
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment
Configuring Agent-Based Posture Assessment
Windows operating systems can be customized in many ways to include hotfixes and service packs as
part of the operating system installation. In some cases, the Agent may not be able to detect hotfix key
values in the registry when the hotfix is part of the operating system. In these cases, Cisco recommends
using the Windows Server Update Services (WSUS) requirement, which can be configured to access
external Windows Updates servers. For more information, see Configuring a Windows Server Update
Services Requirement, page 9-57.
Prerequisites
The Windows Server Update Services requirement type applies only to Windows 8.1/8/7/Vista/XP
client machines. It supports checking Cisco- and Windows-based client operating system
verification and customized update installation options based on update severity.
The network administrator must ensure the Automatic Updates Agent is updated to support a local
WSUS server to support auto-launch capabilities. For details, refer to
http://www.microsoft.com/windowsserversystem/updateservices/evaluation/faqs.mspx
In order to support Windows Server Update Services operations, client machines must have version
5.4.3790.1000 (or a more recent version) of the WUAUENG.dll file installed.
WSUS forced update may take a while. Generally, it is launched and run in the background.
Some Microsoft Windows components (such as Internet Explorer 7) require admin privileges in
order to successfully update. If the user does not have admin privileges on the client machine, the
Windows update process returns a “WU_E_NO_INTERACTIVE_USER” error. Therefore, Cisco
recommends making any Windows updates requiring admin privileges “Optional” to minimize
update failures. For details, refer to http://msdn2.microsoft.com/en-us/library/aa387289.aspx.
If there are update errors, see C:\Windows\Windows Update.log or
C:\Windows\WindowsUpdate.log.
The steps to configure a Windows Update requirements are as follows:
Step 1 Create a Windows Update Requirement, page 9-66
Step 2 Map Windows Update Requirement to Windows Rules, page 9-69
Step 3 Apply Requirements to User Roles, page 9-92
Step 4 Validate Requirements, page 9-93