Specifications
12-6
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 12 Configuring Network Scanning
Configure the Quarantine Role
For additional details on configuring Agent Requirements, see Configuring Agent-Based Posture
Assessment, page 9-39.
Configure the Quarantine Role
See Configure Network Scanning Quarantine Role, page 8-21 for details.
Load Nessus Plugins into the Clean Access Manager Repository
When the Clean Access Manager is first installed, its Nessus scan plugin repository is empty
(Figure 12-2). Plugins in the repository are listed under Device Management > Clean Access >
Network Scanner > Scan Setup > Plugins. You can manually load plugins you have downloaded from
the Nessus website—as a combined plugins.tar.gz file or as individual .nasl files—to the Clean Access
Manager’s plugin repository. You can also load .nasl plugins that you have created yourself.
Figure 12-2 Network Scanner Plugins Page
Note Due to a licensing requirement by Tenable, Cisco is not able to bundle pre-tested Nessus plugins or
automated plugin updates to Cisco NAC Appliance, effective Release 3.3.6/3.4.1. Customers can still
download Nessus plugins selectively and manually through http://www.nessus.org.
For details on Nessus plugin feeds, see http://www.nessus.org/plugins/index.php?view=feed.
To facilitate the debugging of manually uploaded plugins, see Show Log, page 12-17.
Note Most Nessus 2.2 plugins are supported and can be uploaded to the Clean Access Manager. You must
register for Nessus 2.2 plugins from http://www.nessus.org/plugins/index.php?view=register. Once you
register, you will be able to download the free plugins. Nessus version 2.2.7 has a NASL_LEVEL value
of less than 3004. Cisco NAC appliance does not support Nessus plugins which require the
NASL_LEVEL to be equal to or greater than 3004. Cisco NAC Appliance currently does not support
Nessus version 3.0 and later plugins.