Specifications
12-9
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 12 Configuring Network Scanning
Configure General Setup
Configure General Setup
After loading the scan plugins, you can configure scanning by user role and operating system. Before
starting, make sure user roles appropriate for your environment are created.
The General Setup page provides general controls to configure user roles and operating systems for
network scanning, including whether user agreement or scan report pages pop up, and whether a client
is blocked or quarantined if found with vulnerabilities.
To configure network scanning user page options:
1. Go to Device Management > Clean Access > General Setup> Web Login.
Figure 12-5 General Setup—Web Login
2. Choose the role for which you want to configure scanning from the User Role dropdown.
3. Similarly, choose the user operating system to which the configuration applies from the Operating
System dropdown. You can apply settings to all versions of an OS platform (such as
WINDOWS_ALL), or to a specific operating system version (such as WINDOWS_XP). ALL
settings will apply to a client system if a configuration for the specific version of that user’s
operating system does not exist.
If providing specialized settings, select the operating system and clear the checkbox for the ALL
setting (for example, deselect “Use 'ALL' settings for the WINDOWS OS family if no
version-specific settings are specified”).
4. Enable the network scanning options:
–
Show Network Scanner User Agreement page to web login users
–
Enable pop-up scan vulnerability reports from User Agreement page
–
Require users to be certified at every web login—this forces clients to go through network
scanning at each login (otherwise, clients go through scanning only the first time they log in.)