Specifications
Policy Server for Cisco NAC
10-39
Client Validation Logs
Use the client validation logs to view detailed information about clients when they
validate with the Policy Server. Validation occurs when the ACS server retrieves client
security posture data and sends it to the Policy Server, which compares the data to
policies and rules (see The Client Validation Sequence on page 10-7).
Note: To generate client validation logs, when adding or editing a new rule or policy, select
the check box under Server-side actions.
To access the Web console screens for Cisco ACS logs, go to the Policy Server Web
console and click Logs > View Client Validation Logs on the main menu.
Client Log Maintenance
The Policy Server archives client validation logs when they reach a size you specify. It
can also delete log files after a specified number of log files accumulates. Specify the way
Policy Server maintains client validation logs by clicking Logs > Log Maintenance on
the Policy Server Web console.
Administrative Tasks
Perform the following administrative tasks on the Policy Server:
• Change password: Change the password configured when adding the Policy Server
(see Policy Server Configuration from OfficeScan on page 10-36)
• Configure a synchronization schedule: The Policy Server needs to periodically
obtain the version of the Virus Pattern and Virus Scan Engine on the OfficeScan
server to evaluate OfficeScan client security posture. Therefore, you cannot enable
or disable scheduled synchronization. By default, the Policy Server synchronizes
with the OfficeScan server(s) every five minutes (see Synchronization on page 10-17
for more information).
Note: Manually synchronize the Policy Server with the OfficeScan server at any time on
the Summary screen (see Summary Information for a Policy Server on page 10-36).
To access the Web console screens for Cisco ACS administration tasks, go to the Policy
Server Web console and click Administration on the main menu.