Specifications

9-79

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment

Configuring Agent-Based Posture Assessment

The adawareLogRecent check and either the NorAVProcessIsActive check or the

SymAVProcessIsActive check must be satisfied for the rule to be considered met. Without parentheses,

the following would be implied:

(adawareLogRecent & NorAVProcessIsActive) | SymAVProcessIsActive

In this case, either SymAVProcessIsActive or both of the first two checks must be true for the rule to be

considered met.

Use the following steps to create a custom Rule.

Step 1 In the Clean Access Agent tab, click the Rules submenu link and then New Rule.

Figure 9-36 New Rule

Step 2 Type a unique Rule Name.

Step 3 Enter a Rule Description.

Note Some of the default user messages in the Agent dialogs are very similar between various rules and/or

requirements. To ensure the user clearly understands the remediation issue at hand, Cisco strongly

recommends providing an appropriate message in this field describing the nature and purpose of the

given function.

Step 4 Select the Operating System for which the rule applies. If Updates have been downloaded, the

pre-configured checks for that operating system appear in the Checks for Selected Operating System

list below.

Step 5 Create the Rule Expression by combining checks and operators. Use the list to select the names of

checks and copy and paste them to the Rule Expression text field. Use the following operators with the

checks: () (evaluation priority), ! (not), & (and), | (or).

For example:

adawareLogRecent & (NorAVProcessIsActive | SymAVProcessIsActive)