Cisco Cisco NAC Appliance 4.1.0
12-30
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 12 Configuring Clean Access Agent Requirements
Create Clean Access Agent Requirements
For a simple rule that tests a single check, simply type the name of the check:
SymAVProcessIsActive
6.
Click Add Rule.
The console validates the rule and, if formed correctly, the rule appears in the Rule List. From there,
you can delete the rule, modify it, or copy it (create a new rule by copying this one).
you can delete the rule, modify it, or copy it (create a new rule by copying this one).
Validate Rules
The Clean Access Manager automatically validates rules and requirements as they are created. Invalid
rules have incompatibilities between checks and rules, particularly those relating to the target operating
system. These errors can arise when you create checks and rules for a particular operating system but
later change the operating system property for a check. In this case, a rule that uses the check and which
is still applicable for the formerly configured operating system is no longer valid. Rule validation detects
these and other errors.
rules have incompatibilities between checks and rules, particularly those relating to the target operating
system. These errors can arise when you create checks and rules for a particular operating system but
later change the operating system property for a check. In this case, a rule that uses the check and which
is still applicable for the formerly configured operating system is no longer valid. Rule validation detects
these and other errors.
The Validity column under Device Management > Clean Access > Clean Access Agent > Rules >
Rule List display rule validity as follows:
Rule List display rule validity as follows:
•
— The rule is valid.
•
— The rule is invalid. Highlight this icon with your mouse to display the validity status message
for this rule. The status message displays which check is causing the rule to be invalid, in the form:
Invalid rule [rulename], Invalid check [checkname] in rule expression.
Figure 12-19
Rule List
To Correct an Invalid Rule:
1.
Go to Device Management > Clean Access > Clean Access Agent > Rules > Rule List
2.
Click the Edit button for the invalid rule.
3.
Correct the invalid Rule Expression. If the rule is invalid because a check has been deleted, make
sure you associate the rule with a valid check.
sure you associate the rule with a valid check.
4.
Make sure the correct Operating System. is selected.
5.
Make sure the Requirement met if: expression is correctly configured.