I am now implementing Network Admission control with Symantec Client Security, I would ask if Symantec Posture Plug-in collect Symantec Agent attributes for Service Pack and OS and send it to Cisco Access Control Server 3.3, I am adding the Symantec Agent attributes to CACS 3.3 as follows and from ACS 3.3 see it , but when checking in logs files all Symantec Agent attributes values blanks.
The NAC client is the Cisco Trust Agent (CTA) application. CTA collects data directly from the computer and from any NAC-compliant applications installed on the computer. It uses this data to create a set of attributes that contain information about the posture of the computer. These attributes are also called credentials. For more information about credentials, see About NAC Credentials and Attributes section in the following document.
I hace many customer with NAC phase 1, i am waiting for the NAC 2. Trend Micro officescan 7.3 come with the new CTA 2 making this job. I know the NAc implementation in no TRend installation is so difficult and the policy is static in the ACS, if the antivirus upgrade the signatures, you have to modify the policy in the ACS. With TRend this is dynamic because ACS ask to the antivirus server wic is the last signature. You can send me email if you need.
Do you have any sample configurations that show how to implement NAC1 with a Cisco 3005, Cisco ACS, and Trend Micro? We simply want to make sure clients connecting have the latest antivirus signature from trend and if not, quarantine them to a place where they can download it. Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...