Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance

401

402

403

404

405

406

407

408

409

410

9-99

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 9 Configuring Cisco NAC Appliance for Agent Login and Client Posture Assessment

Configuring Agent-Based Posture Assessment

Configuring Auto Remediation for Requirements

You can configure Auto Remediation for all requirement types except File Distribution and Local Check.

Note This configuration example is specific to the Cisco Clean Access Agent. The Mac OS X Agent and Cisco

NAC Web Agent do not support Auto Remediation.

To configure Auto Remediation:

Step 1 Go to Device Management > Clean Access > Clean Access Agent > Requirements > New

Requirement, and select the Requirement Type. You can configure Auto Remediation for:

• Link Distribution

• AV Definition Update

• AS Definition Update

• Windows Update

• Launch Programs

• Windows Server Update Services

Step 2 Choose the Enforce Type [Mandatory | Optional | Audit] from the dropdown.

Step 3 Choose the Remediation Type [Manual | Automatic] from the dropdown.

Choosing Manual preserves the previous Agent behavior. The user has to click through each of the

requirements using the Next/Skip button.

Choosing Automatic sets the Agent to perform Auto Remediation, where the Agent automatically

performs updates or launches required programs on the client after the user logs in. The Agent

automatically performs different actions depending on the requirement type, for example:

• Auto launches URL in the default browser for Link Distribution

• Auto updates AV/AS definition files on the client for AV/AS Definition Update

• Auto launches Windows Auto Update(s) (in background) for Windows Update

• Auto launches programs for Launch Programs

• Auto installs WSUS client updates for Windows Server Update Services

When you check the Automatic option, you can optionally configure how long the Agent waits before

it retries the same requirement (Interval), and how many times the Agent retries the requirement if it

initially fails on the client (Retry Count). The effect of these options is slightly different depending on

the requirement type.

Note During Auto Remediation on the Agent, the resulting dialog displays only two buttons: Details and

Manual. Clicking Details shows additional progress messages for the Auto Remediation. If Auto

Remediation fails, the user can click the Manual button to change the Agent back to Manual mode,

where the user has to click through each requirement.