Cisco Cisco Clean Access 3.5

Designating a device as exempt is the way a device can be manually added to the 
automatically-generated Certified Devices list. The CAS only adds a device to the Certified Devices list 
if the device has passed network scanning with no vulnerabilities found, or met Clean Access Agent 
system requirements, or both. Once added to the list, the device is considered clean and therefore exempt 
from having to go through certification while its MAC address remains on the Certified Devices list. 
Adding an exempt device in effect bypasses the automated Clean Access process to certify that the 
device you are adding to the list is clean. 

Go to Device Management > CCA Servers > Manage [CAS_IP] > Filter > Clean Access > 
Certified Devices.

Type the MAC address of the exempt device in the text field. Use line breaks to separate multiple 
addresses. 

Click Add Exempt. 

Clearing an exempt device means you are removing it from the Certified Devices list and forcing it to 
go through Clean Access certification. Because exempt devices are manually added to the list, they must 
also be manually removed. This also means that an exempt device on the Certified Devices list is 
protected from being automatically removed when the global Certified Devices Timer is used to clear 
the list at regularly scheduled intervals. 

Go to Device Management > CCA Servers > Manage [CAS_IP] > Filter > Clean Access > 
Certified Devices (see 

Click Clear Exempt. All exempt devices for this Clean Access Server will be cleared from the list.