Cisco Cisco NAC Appliance 4.1.0
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
10-5
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 10 Clean Access Implementation Overview
Clean Access Overview
Network Scanning Client Assessment
illustrates the general network scanning client assessment process when a user authenticates
via web login. If both the Clean Access Agent and network scanning are enabled for a user role, the user
follows the sequence shown in
follows the sequence shown in
for the network scanning portion. In this
case, the Clean Access Agent dialogs provide the user information where applicable.
Figure 10-4
Network Scanning Client Assessment (Web Login)
Clean Access Agent
The Clean Access Agent is read-only, easy-to-use client software that resides on Windows systems and
can check if an application or service is running, whether a registry key exists, or the value of a registry
key. The Agent can ensure that users have necessary software installed (or not installed) to keep their
machines from becoming vulnerable or infected.
can check if an application or service is running, whether a registry key exists, or the value of a registry
key. The Agent can ensure that users have necessary software installed (or not installed) to keep their
machines from becoming vulnerable or infected.
Note
There is no client firewall restriction with Clean Access Agent vulnerability assessment. The Agent can
check client registry, services, and applications even if a personal firewall is installed and running.
check client registry, services, and applications even if a personal firewall is installed and running.
The Clean Access Agent provides the following support:
•
Easy download and installation of the Agent on the client via initial one-time web login. The Agent
installs by default for the current user and all other users on the client PC.
installs by default for the current user and all other users on the client PC.
•
Windows and MacOS X (authentication-only) versions of the Agent (4.1.0.0+)
•
Flexible installation options for direct or stub installation of the Agent on client machines (4.1.0.0+)
•
Agent language template support for localized Agent user dialogs for supported locales/language
OS platforms (4.1.0.0+)
OS platforms (4.1.0.0+)
•
Auto-upgrade. Once the Agent is installed on a client, it can automatically detect, download, and
upgrade itself to next version. The Agent checks for a new Agent Patch Upgrade file at every login
request. The administrator can configure Agent auto-upgrade to be mandatory or optional for all
users, or can disable Patch Upgrade notification altogether.
upgrade itself to next version. The Agent checks for a new Agent Patch Upgrade file at every login
request. The administrator can configure Agent auto-upgrade to be mandatory or optional for all
users, or can disable Patch Upgrade notification altogether.