Cisco Cisco NAC Appliance 4.1.0
12-28
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 12 Configuring Clean Access Agent Requirements
Create Clean Access Agent Requirements
Figure 12-17
Application Check Type
a.
Enter an Application Name.
b.
Select an Operator: running or not running.
5.
Click Add Check when finished.
Create Custom Rule
A rule is an expression made up of checks and operators. A rule is the unit used by the Clean Access
Agent to assess a vulnerability on a particular operating system. The result of the rule expression is
considered to assess compliance with the Clean Access Agent requirement. A rule can be made up of a
single check or it can have multiple checks combined with Boolean operators.
Agent to assess a vulnerability on a particular operating system. The result of the rule expression is
considered to assess compliance with the Clean Access Agent requirement. A rule can be made up of a
single check or it can have multiple checks combined with Boolean operators.
shows the
operators along with their order of evaluation.
Operators of equal priority are evaluated from left to right. For example, a rule may be defined as
follows:
follows:
adawareLogRecent & (NorAVProcessIsActive | SymAVProcessIsActive)
The
adawareLogRecent
check and either the
NorAVProcessIsActive
check or the
SymAVProcessIsActive
check must be satisfied for the rule to be considered met. Without parentheses,
the following would be implied:
Table 12-2
Rule Operators
Priority
Operator
Description
1
()
parens for evaluation priority
2
!
not
3
&
and
3
|
or