Specifications
9-94
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment
Configuring Agent-Based Posture Assessment
Step 4 Check the Login checkbox for each requirement you want to apply to users in the role during login.
Step 5 Check the Passive checkbox for each requirement you want to apply Passive Re-assessment. See Role
Properties, page 6-9 for more details on Passive Re-assessment.
Step 6 Click Update.
Step 7 Before finishing, make sure users in the role are required to use the Agent. See Require Agent Login for
Client Machines, page 9-3.
Validate Requirements
The Clean Access Manager automatically validates requirements and rules as they are created. The
Valid ity column under Device Management > Clean Access > Clean Access Agent > Requirements
> Requirement List displays a blue checkmark if the requirement is valid and a red “X” if the
requirement is invalid.
Highlighting red “X” icons (if any) with your mouse reveals which rule and which check is causing the
requirement to be invalid, in the form:
Invalid rule [rulename] in package [requirementname] (Rule verification error: Invalid
check [checkname] in rule expression)
The requirement must be corrected and made valid before it can be used. Typically requirements/rules
become invalid when there is an operating system mismatch.
To Correct an Invalid Requirement:
Step 1 Go to Device Management > Clean Access > Clean Access Agent > Requirements >
Requirement-Rules.
Step 2 Correct any invalid rules or checks as described in Validate Rules, page 9-79.
Step 3 Select the invalid Requirement Name from the dropdown menu.
Step 4 Select the Operating System.
Step 5 Make sure the Requirement met if: expression is correctly configured.
Step 6 Make sure the rules selected for the requirement are valid (blue checkmark in Validity column).