Specifications
9-77
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment
Configuring Agent-Based Posture Assessment
a. For File Path, select:
–
SYSTEM_DRIVE – checks the C:\ drive
–
SYSTEM_ROOT – checks the root path for Windows systems
–
SYSTEM_32 – checks C:\WINDOWS\SYSTEM32
–
SYSTEM_PROGRAMS – checks C:\Program Files
b. For Operator, select:
–
exists or does not exist – File Existence check
–
earlier than, later than, same as – File Date or File Version check
c. For a File Date check type, also choose one of two values to check for File Date. This allows you
to specify “older than” or “newer than” by more than/fewer than x days to the current date.
–
Type the date/time of the client machine in mm/dd/yyyy hh:MM:ss format
–
Choose the CAM date, + or - from the dropdown, and type the number of days
d. For a File Date check type, select a File Date Type:
–
Creation date
–
Modification date
Service Check
• Service Status – Whether a service is currently running on the system.
Figure 9-34 Service Check Type
a.
Enter a Service Name. The Service Name in this context is the name that comes up when a user
double-clicks on the service in Microsoft Management Console with a “Service Name:” prefix. For
example, “Windows Firewall/Internet Connection Sharing (ICS)” would need to be configured as
“SharedAccess” in the Service Name field to check for the service.
b. Select an Operator:
–
running
–
not running