Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance

451

452

453

454

455

456

457

458

459

460

10-45

Cisco NAC Appliance - Clean Access Manager Configuration Guide

OL-28003-01

Chapter 10 Cisco NAC Appliance Agents

Mac OS X Cisco NAC Agent

Configuration Steps for the Mac OS X Cisco NAC Agent

The basic steps needed to configure the Mac OS X Cisco NAC Agent are as follows:

1. Make sure to follow the steps in Agent Configuration Steps, page 9-3 to enable distribution and

download of the Mac OS X Cisco NAC Agent, including Require Agent Login for Client Machines,

page 9-3 and Setting Up Agent Distribution/Installation, page 9-17.

2. Configure Mac OS X Agent requirements using the instructions in Configuring Agent-Based

Posture Assessment, page 9-39:

a. Configuring AV/AS Definition Update Requirements, page 9-41

b. Configuring Custom Checks, Rules, and Requirements, page 9-70

c. Map Requirements to Rules, page 9-90

d. Apply Requirements to User Roles, page 9-92

e. Validate Requirements, page 9-93

f. Configuring an Optional/Audit Requirement, page 9-94

Mac OS X Cisco NAC Agent Configuration File Settings

This Mac OS X Cisco NAC Agent features can be configured and enabled by setting the parameters in

the following files:

• ~/Library/Application Support/Cisco Systems/CCAAgent/preference.plist

• /Applications/CCAAgent/Contents/Resources/setting.plist

Table 10-1 lists the configuration parameters that are supported.

Mac OS X Posture Assessment Prerequisites/Restrictions

Macintosh Client machines and the CAM/CAS must meet the following requirements to be able to

perform posture assessment using the Mac OS X Cisco NAC Agent.

Mac OS X Agent Prerequisites

• The Mac OS X Agent installer (built by Apple’s “Package Maker” system application) installs two

application files on the client: CCAAgent.app to launch the Mac OS X Cisco NAC Agent, and

dhcp_refresh to facilitate IP address refresh procedures.

• The client machine must be running the most recent release of 10.5 (release 10.5.2) or later to

support Macintosh client posture assessment. Mac OS 10.2 and 10.3 do not support posture

assessment and remediation. For more information, see Support Information for Cisco NAC

Appliance Agents, Release 4.5 and Later.

• Auto-upgrade of the Mac OS X Agent is supported starting from version 4.1.3.0 and later in

Cisco NAC Appliance. Users can upgrade client machines to the latest Mac OS X Agent by

downloading the Agent via web login and running the Agent installation. For more information, see

the corresponding Release Notes for Cisco NAC Appliance.

• When a Link Distribution requirement type launches a browser, it uses the default browser which

the user can configure in their Safari browser’s Preference settings. The user can pick any browser

they like, including Safari, Firefox, or Opera.