Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance

451

452

453

454

455

456

457

458

459

460

10-44

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 10 Cisco NAC Appliance Agents

Mac OS X Cisco NAC Agent

Note To log off the network and disengage the Cisco NAC Web Agent, the user can also

right-click a Agent icon in the system tray and select Logout.

If you close the Web Agent connection browser window without “logging out” of the system, the

user session remains active with the assigned user role until the CAM detects that the client machine

is not longer available, a session timeout occurs, or some other event takes place to reveal the correct

client machine state.

Note The administrator can configure the Web Agent Login success dialog to close automatically after a

specified number of seconds, or not to appear at all. See Agent Login, page 1-7 for details.

Mac OS X Cisco NAC Agent

This section describes how to configure the Mac OS X Cisco NAC Agent to allow users to log in to the

internal network via a persistent network access application installed on the client machine.

• Mac OS X Cisco NAC Agent Overview, page 10-44

• Configuration Steps for the Mac OS X Cisco NAC Agent, page 10-45

• Mac OS X Cisco NAC Agent Configuration File Settings, page 10-45

• Mac OS X Posture Assessment Prerequisites/Restrictions, page 10-45

• Requirement Types Supported for Mac OS X Agent, page 10-49

• Mac OS X Cisco NAC Agent Dialogs, page 10-50

• Mac OS X Cisco NAC Agent Application File Locations, page 10-63

Mac OS X Cisco NAC Agent Overview

The Mac OS X Cisco NAC Agent provides local-machine Agent-based posture assessment and

remediation for client machines. Users download and install the Agent (read-only client software),

which can check the host registry, processes, applications, and services.

After users log into the Cisco NAC Agent, the Agent gets the requirements configured for the user

role/operating system from the Clean Access Server, checks for the required packages and sends a report

back to the CAM (via the CAS). If requirements are met on the client, the user is allowed network access.

If requirements are not met, the Agent presents a dialog to the user for each unmet requirement. The

dialog (configured in the New Requirement form) provides the user with instructions and the action to

take for the client machine to meet the requirement.

Mac OS X Cisco NAC Agent posture assessment is configured in the CAM by creating requirements

based on rules and (optionally) checks, then applying the requirements to user roles/client operating

systems. For more information, see Configuring Agent-Based Posture Assessment, page 9-39.

Note In the CAM web console, you can view the distribution options for the Mac OS X Cisco NAC Agent

under Device Management > Clean Access > Clean Access Agent > Distribution. See Agent

Distribution, page 9-18 for details.