Cisco Support Community

New Member

What is the difference of CSA and CTA?

Hi all,

May I know what the difference between CSA and CTA is?



New Member

Re: What is the difference of CSA and CTA?

Hi Mak,

Cisco Trust Agent (CTA) is a software agent that gathers information about certain software installed on the host (such as antivirus software level and definition level, Windows update level and others) and sends this off to an ACS server, which then talks to policy servers (which include, for instance, Trend Micro OfficeScan with its associated policy server for NAC). CTA is a primary component of Network Admission Control (NAC). NAC can be deployed in several different ways, but comes in two major forms: NAC Framework and NAC Appliance. The basic idea of NAC is to prevent/limit network access to hosts that do not meet a company's anti-virus and update posture.

Cisco Security Agent (CSA) is a complex agent that is installed on a client from a central management system (VMS Basic with CSA module at a minimum - but I might be out of date on that bit). Within the central management system, you define malicious and non-malicious actions specific to one's own network. The CSA agent, when deployed, will then permit a host to perform certain actions and deny others based upon the policies that a system administrator defines. It has some default settings, but one should change these fairly quickly to make sure that you are getting the best out of this product. However, it is most important that this is configured correctly, as it is very easy to completely lock yourself out of all your systems if not careful. That is why many are going to professional services companies to deploy it for them and train administrators on certain configuration options to maintain the system on an ongoing basis. CSA does not quarantine a host (like CTA within a NAC deployment would), but it prevents certain actions from being carried out within a network at source.

Hope that helps. Any other questions, let us know.


