Cisco Cisco Clean Access 3.5
10-2
Cisco Clean Access Server Installation and Administration Guide
OL-7045-01
Chapter 10 Local Clean Access Settings
Add Exempt Devices
Add Exempt Devices
Designating a device as exempt is the way a device can be manually added to the
automatically-generated Certified Devices list. The CAS only adds a device to the Certified Devices list
if the device has passed network scanning with no vulnerabilities found, or met Clean Access Agent
system requirements, or both. Once added to the list, the device is considered clean and therefore exempt
from having to go through certification while its MAC address remains on the Certified Devices list.
Adding an exempt device in effect bypasses the automated Clean Access process to certify that the
device you are adding to the list is clean.
automatically-generated Certified Devices list. The CAS only adds a device to the Certified Devices list
if the device has passed network scanning with no vulnerabilities found, or met Clean Access Agent
system requirements, or both. Once added to the list, the device is considered clean and therefore exempt
from having to go through certification while its MAC address remains on the Certified Devices list.
Adding an exempt device in effect bypasses the automated Clean Access process to certify that the
device you are adding to the list is clean.
1.
Go to Device Management > CCA Servers > Manage [CAS_IP] > Filter > Clean Access >
Certified Devices.
Certified Devices.
Figure 10-1
Certified Devices (Local)
2.
Type the MAC address of the exempt device in the text field. Use line breaks to separate multiple
addresses.
addresses.
3.
Click Add Exempt.
Clear Exempt Devices
Clearing an exempt device means you are removing it from the Certified Devices list and forcing it to
go through Clean Access certification. Because exempt devices are manually added to the list, they must
also be manually removed. This also means that an exempt device on the Certified Devices list is
protected from being automatically removed when the global Certified Devices Timer is used to clear
the list at regularly scheduled intervals.
go through Clean Access certification. Because exempt devices are manually added to the list, they must
also be manually removed. This also means that an exempt device on the Certified Devices list is
protected from being automatically removed when the global Certified Devices Timer is used to clear
the list at regularly scheduled intervals.
To manually clear exempt devices from the list:
1.
Go to Device Management > CCA Servers > Manage [CAS_IP] > Filter > Clean Access >
Certified Devices (see
Certified Devices (see
2.
Click Clear Exempt. All exempt devices for this Clean Access Server will be cleared from the list.