Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
411412413414415416417418419420
10-2
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 10 Cisco NAC Appliance Agents
Cisco NAC Agent
administrator privileges do not need this file.) After successful Cisco NAC Agent installation, the user
is not required to have administrator privileges on the client machine, nor is the CCAAgentStub.exe
Agent Stub file needed.
After users log into the Cisco NAC Agent, the Agent gets the requirements configured for the user
role/operating system from the Clean Access Server, checks for the required packages, and sends a report
back to the CAM (via the CAS). If requirements are met on the client, the user is allowed network access.
If requirements are not met, the Agent presents a dialog to the user for each unmet requirement. The
dialog (configured in the New Requirement form) provides the user with instructions and the action to
take for the client machine to meet the requirement.
Cisco NAC Agent posture assessment is configured in the CAM by creating requirements based on rules
and (optionally) checks, then applying the requirements to user roles/client operating systems. For more
information, see Configuring Agent-Based Posture Assessment, page 9-39.
Cisco NAC Agent Download
Figure 10-1 illustrates the general user sequence for the initial download and install of the Cisco NAC
Agent, if the administrator has required use of the Agent for the user’s role and OS.
Figure 10-1 Downloading the Cisco NAC Agent
The Cisco NAC Agent software is always included as part of the Clean Access Manager software. When
the CAM is installed, the Agent Installation file is already present and automatically published from the
CAM to the CASs. To distribute the Agent to clients, you simply require the use of the Agent in the CAM
web console for the desired user role/operating system. Once downloaded and installed, the Agent
performs checks on the client according the requirements you have configured in the CAM.
First-time users can download and install the Agent by opening a web browser to log into the network.
If the user’s login credentials associate the user to a role that requires the Agent, the user will be
redirected to the Agent download page. After the Agent is downloaded and installed, the user is
immediately prompted to log into the network using the Agent dialogs, and is scanned for requirements.
After successfully meeting the requirements configured for the user’s role and operating system and
passing scanning (if enabled), the user is allowed access to the network.
Note In Windows 8 Operating System, the Internet Explorer has two modes, Desktop and Metro. In the Metro
mode, the ActiveX plugins are restricted. You cannot download NAC Agent in the Metro mode. You
must switch to Desktop mode and then launch Internet Explorer to download NAC Agent.
Note Unlike the Clean Access Agent, the Cisco NAC Agent does not support Nessus-based network scanning.