Cisco Cisco Clean Access 3.5

Change properties as desired.

Click Update Policy when done.

Note that you cannot change the policy priority directly from the Edit form. To change a Priority, click 
the Up or Down arrows for the policy in the Move column of the IP policies list page.

With release 3.5(5) and above, default host policies for the Unauthenticated, Temporary, and Quarantine 
roles are automatically retrieved and updated after a Clean Access Agent Update or Clean Update is 
performed from the CAM (see 

 for complete details on Updates). 

You can configure custom DNS host-based policies for a role by host name or domain name when a host 
has multiple or dynamic IP addresses. Allowing DNS addresses to be configured per user role facilitates 
client access to the Windows or antivirus update sites that enable clients to fix their systems if Clean 
Access Agent requirements are not met or network scanning vulnerabilities are found. Note that to use 
any host-based policy, you must first add a Trusted DNS Server for the user role. 

After a software upgrade, new default host-based policies are disabled by default but enable/disable 
settings for existing host-based policies are preserved. 

After a Clean Update, all existing default host-based policies are removed and new default 
host-based policies are added with default disabled settings.