cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

784
Views
10
Helpful
3
Replies
Highlighted
Beginner

Posture Validation on ACS 5.3

Hi

Can anyone tell me if it's possible to enable Posture validation on ACS 5.3.

If so, could I have a link or a procedure for implementation ?

best regards

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Advocate

Hi,

ACS 5.3 does not perform posture validation, like 4.2 did. That was known as nac framework and Cisco has dedicated appliance (Cisco clean access - cisco.com/go/nac) and a new appliance which uses radius and is a hybrid of ACS 5 and nac called ISE (cisco.com/go/ise).

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Highlighted

Hi,

You bring up a very interesting point, however from my experience with supporting and working with ACS there isnt any posture validation configuration that I know of, also in the user guide there isnt a posture validation section that I have seen. I am wondering if this is a documentation bug to see if this needs to be addressed.

If you look at the migration mapping found here:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/migration/guide/Appendix_B_Config_Mapping.html

There is an "N/A" for posture validation on ACS 5.x

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

3 REPLIES 3
Highlighted
Advocate

Hi,

ACS 5.3 does not perform posture validation, like 4.2 did. That was known as nac framework and Cisco has dedicated appliance (Cisco clean access - cisco.com/go/nac) and a new appliance which uses radius and is a hybrid of ACS 5 and nac called ISE (cisco.com/go/ise).

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Highlighted

Hi Tarik,

Thank you for your reply

but why  some links like this, it appears that ACS5.3 can activate posture validation

http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-683481.pdf

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/ACSuserguide.pdf

So what can we do to get this feature with ACS 5.3 (1121-K9). can  we migrate to ISE 1.0? our customer is not a ATP certified and therefore can not buy ISE

Highlighted

Hi,

You bring up a very interesting point, however from my experience with supporting and working with ACS there isnt any posture validation configuration that I know of, also in the user guide there isnt a posture validation section that I have seen. I am wondering if this is a documentation bug to see if this needs to be addressed.

If you look at the migration mapping found here:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/migration/guide/Appendix_B_Config_Mapping.html

There is an "N/A" for posture validation on ACS 5.x

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Content for Community-Ad