How to configure Cisco Security Agent (CSA) version 4.0 to permit the install user to stop CSA agent processses


Jun 22, 2009 4:13 PM
Jun 22nd, 2009


Determine if there is any explicit statement that permits this user state to disable the Cisco Security Agent (CSA) processes.

Although the combination of User State != (NOT equal to) install user and a deny action implies that install user is permitted, the system requires an explicit permit statement.

To construct a rule to explicitly permit this user state to make this change, perform these steps:

  1. Change the user state from Users Matching: All  But Not:  *\installuser to  Users Matching: *\installuser.
  2. Re-name the user state to InstallUser (so that it reads more logically).

  3. Ensure that The Rule Action = Allow "attempt to disable agent security is checked.

Re-test the rule.

Average Rating: 0 (0 ratings)


Login or Register to take actions

This Document

Posted June 22, 2009 at 4:13 PM
Comments:0 Avg. Rating:0
Views:2087 Contributors:0

Documents Leaderboard

Rank Username Points
1 18
2 14
3 12
4 10
5 8
Rank Username Points