Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAC Solution Based on Symantec products

I am now implementing Network Admission control with Symantec Client Security, I would ask if Symantec Posture Plug-in collect Symantec Agent attributes for Service Pack and OS and send it to Cisco Access Control Server 3.3, I am adding the Symantec Agent attributes to CACS 3.3 as follows and from ACS 3.3 see it , but when checking in logs files all Symantec Agent attributes values blanks.

[attr#37]

vendor-id=393

vendor-name=Symantec

application-id=1

application-name=SA

attribute-id=32768

attribute-name=Service Pack and OS

attribute-profile=in

attribute-type=string

[attr#38]

vendor-id=393

vendor-name=Symantec

application-id=1

application-name=SA

attribute-id=32767

attribute-name=System Status

attribute-profile=in

attribute-type=unsigned integer

thanks

6 REPLIES
Bronze

Re: NAC Solution Based on Symantec products

The NAC client is the Cisco Trust Agent (CTA) application. CTA collects data directly from the computer and from any NAC-compliant applications installed on the computer. It uses this data to create a set of attributes that contain information about the posture of the computer. These attributes are also called credentials. For more information about credentials, see About NAC Credentials and Attributes section in the following document.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a00802335f1.html#wp24435

Re: NAC Solution Based on Symantec products

The symantec product does not support os/hotfix/sp information through nac, for that you need Cisco Security Agent or wait for CTA 2.0 which will forward os/hotfix information.

New Member

Re: NAC Solution Based on Symantec products

this friends are in right way !!!

I hace many customer with NAC phase 1, i am waiting for the NAC 2. Trend Micro officescan 7.3 come with the new CTA 2 making this job. I know the NAc implementation in no TRend installation is so difficult and the policy is static in the ACS, if the antivirus upgrade the signatures, you have to modify the policy in the ACS. With TRend this is dynamic because ACS ask to the antivirus server wic is the last signature. You can send me email if you need.

Enjoy.

New Member

Re: NAC Solution Based on Symantec products

Do you have any sample configurations that show how to implement NAC1 with a Cisco 3005, Cisco ACS, and Trend Micro? We simply want to make sure clients connecting have the latest antivirus signature from trend and if not, quarantine them to a place where they can download it. Thanks.

New Member

Re: NAC Solution Based on Symantec products

Sure, no problem, you can reach me to leo4888@hotmail.com

New Member

Re: NAC Solution Based on Symantec products

Hi I need a sample to configure NAC using Cat6K and ACS, Can you send me any example

Regards

358
Views
0
Helpful
6
Replies