Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Cisco NAC Updates

We've had NAC installed at one site and I am working on the second now.  We have our Managers set up to download updates daily and I understand from previous answers to questions I posted on this forum that CISCO updates the OS items (i.e. hotfixes, MS Advisories, etc...) once a month.  I was told these updates take place within 48 hours of Patch Tuesday each month.  We get the daily virus updates that are published and are set up to download all updates.  It seems the updates to the OS come extremely infrequently and are way behind.  I've been watching for two months now.  Five days after "Patch Tuesday" last month we finally received a few updates related to some MS Advisories.  However, in reviewing the new checks the highest advisory # covered was MS10-076.  MS was already at 10-83 or 10-84 at the time.  I had to manually create the checks/rules, etc to cover the ones missing from the download.  I had hoped we would get some more after Patch Tuesday this month (Nov 10) but a week has passed and there are still no additional checks which have been published in our update downloads.  This makes it necessary for me to create new checks for each of the new advisories I am required to cover.  I am not sure what the update downloads are really doing for us other than making sure our virus signatures are up to date.

   So...I guess my question is, is this the norm and what I am to expect from Cisco each month?...if so, managing the NAC (on my three sites) is going to take me quite a bit of time each month since I will have to manually create most checks on three installations so I can meet my implementation deadlines.

William

1 REPLY
Cisco Employee

Re: Cisco NAC Updates

Hi William,

Although I'm not able to comment on the frequency or the content of the updates release, you may consider to configure the WSUS requirement to check against the Microsoft public or privately handled WSUS servers with the "severity" option on NAC.

When you use the "severity" option, then the check is not done against the rules defined on the NAC Manager but against the Microsoft servers.

Check the config guide for more details at:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1353947

I hope this helps.

Thanks,

Federico

--

If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.

425
Views
5
Helpful
1
Replies
CreatePlease to create content