Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CSA to kick off a process

Is it possible for CSA to kick off something like a script or an application based on a system state?

We use NAC and CSA, and we want to kick off IE (with a fixed URL) when a certain NAC state is detected. We use this NAC state in CSA to add an extra rule module.

We know there is the posibility to do URL redirection on a L3 switch within NAC, but we use 2950's in this case.

Background; we want the clients to see a webpage come up when they are put in quarantine.

4 REPLIES
Silver

Re: CSA to kick off a process

New Member

Re: CSA to kick off a process

Anything specific you can point me to?

New Member

Re: CSA to kick off a process

Not at this time. CSA does not have the ability to execute specific / arbitrary processes based on a rule triggering.

This is actually by design. We speculated it was too dangereous for a policy intending to format the hard drive of the CEO's stolen laptop to trigger at the wrong time.

Consider using the CSA query dialog to inform the user they have entered quarantine. I do agree popping a browser can convey more information and link to solutions.

When the NAC state is entered and you add the extra rule module in CSA, that rule module can have a Application control rule to query the user starts the next process. Trigger the rule when all apps start all apps.

Or if you're inclined to write custom code, keep an eye on the registry value @ctaposture in the key HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\CSAgent\Persistent\@NetSet for changes. When it updates, your custom code can kick off the browser. open the key read only or CSA will block you.

Marcus

New Member

Re: CSA to kick off a process

Thanks, we can stop looking at CSA for this now.

Can you recommend something to monitor the registry key?

196
Views
5
Helpful
4
Replies
CreatePlease to create content