Cisco Cisco NAC Appliance 4.1.0
12-14
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 12 Configuring Clean Access Agent Requirements
Create Clean Access Agent Requirements
Create AV Definition Update Requirement
The following steps show how to create a new AV Definition Update requirement to check the client
system for the specified AV product(s) and version(s) using an associated AV Rule. If the client’s AV
definition files are not up-to-date, the user can simply click the Update button on the Clean Access
Agent, and the Agent causes the resident AV software launch its own update mechanism. Note that the
actual mechanism differs for different AV products (e.g. live update vs.command line parameter).
system for the specified AV product(s) and version(s) using an associated AV Rule. If the client’s AV
definition files are not up-to-date, the user can simply click the Update button on the Clean Access
Agent, and the Agent causes the resident AV software launch its own update mechanism. Note that the
actual mechanism differs for different AV products (e.g. live update vs.command line parameter).
1.
In the Clean Access Agent tab, click the Requirements submenu link and then New Requirement.
Figure 12-8
New Requirement
2.
For Requirement Type choose AV Definition Update
3.
Choose an Enforce Type from the dropdown menu:
–
Mandatory—Enforce requirement.The user is informed of this requirement and cannot
proceed or have network access unless the client system meets it.
proceed or have network access unless the client system meets it.
–
Optional— Do not enforce requirement. The user is informed of the requirement but can bypass
it if desired (by clicking “Next”). The client system does not have to meet the requirement for
the user to proceed or have network access.
it if desired (by clicking “Next”). The client system does not have to meet the requirement for
the user to proceed or have network access.
–
Audit—Silently audit. The client system is checked “silently” for the requirement without
notifying the user, and a report is generated. The report results (pass or fail) do not affect user
network access.
notifying the user, and a report is generated. The report results (pass or fail) do not affect user
network access.