Cisco Systems 3.3 Manual De Usuario
14-17
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 14 Network Admission Control
NAC Policies
Policies are reusable; that is, you can associate a single policy with more than one
NAC database. For example, if your NAC implementation requires two NAC
databases, one for NAC clients using NAI software and one for NAC clients using
Symantec software, you may need to apply the same rules about the operating
system of the NAC client regardless of which anti-virus application is installed.
You can create a single policy that enforces rules about the operating system and
associate it with the Symantec NAC database and the NAI NAC database.
NAC database. For example, if your NAC implementation requires two NAC
databases, one for NAC clients using NAI software and one for NAC clients using
Symantec software, you may need to apply the same rules about the operating
system of the NAC client regardless of which anti-virus application is installed.
You can create a single policy that enforces rules about the operating system and
associate it with the Symantec NAC database and the NAI NAC database.
The results of applying a policy are as follows:
•
Result credential type—The credential type and, therefore, the
NAC-compliant application to which the policy evaluation result applies.
NAC-compliant application to which the policy evaluation result applies.
•
Token—One of five predefined tokens that represents the posture of the NAC
client and, specifically, the application defined by the result credential type.
client and, specifically, the application defined by the result credential type.
•
Action—An optional text string, sent in the posture validation response to the
application defined by the result credential type.
application defined by the result credential type.
There are two kinds of policies: local and external.
This section contains the following topics:
•
•
•
•
Local Policies
This section contains the following topics:
•
•
•
•
•