03-14-2006 12:24 PM - edited 02-21-2020 12:46 AM
I need to find the NAC attribute definition file for the VirusScan antivirus from Network Associates. I searched on the web but did not find it. Does somebody know where I can download it?
03-20-2006 01:04 PM
ACS does not include any non-Cisco attributes by default. Therefore, you must import a NAC Attribute Definition File (ADF) from each vendor application that you would like to validate in your NAC posture-validation policies. The attributes that are added can be used to create conditions for internal policies.
NAC introduces the ability to authorize network hosts not only based upon user or machine identity but also upon a host's posture validation. The posture validation is determined by comparing the host's credentials to a posture-validation policy which you create from attribute-value pairs (AVPs), which are defined by Cisco and other vendors who are NAC partners. Since the range of NAC attributes extends across many vendors and applications, you must import the non-Cisco attributes.
To import a NAC attribute definition file:
Obtain one or more ADFs for the NAC-compatible applications that you want to validate with ACS.
Place the ADFs in the same directory as the ACS utility, CSUtil.exe.
On the host that is running ACS, open a cmd command prompt and navigate to the directory that contains CSUtil.exe.
Add the AVPs to ACS by using the command:
CSUtil.exe -addAVP filename.adf
After successfully adding the AVPs, restart CSAdmin, CSLog, and CSAuth.
03-22-2006 12:05 AM
in some cases ACS includes the first 2 attributes of vendors, for example altiris or qualys auditserver.
They are in config but not active.
To activate them you need a dummy attribute-definition-file, for example:
[attr#0]
vendor-id=ID
vendor-name=NAME
application-id=6
application-name=Audit
attribute-id=00003
attribute-name=Dummy-attr
attribute-profile=out
attribute-type=unsigned integer
but in your case you will need more than this,
so the only way is to contact the distributor
or your cisco contact for that file.
(i got my 2 adf files i used from cisco,
because the distributor didn't have them,
weird but true)
and don't forget the clientside info files
for the posture agent, you will need them too.
(.inf, .dll)
best regards
harry
04-06-2006 01:14 PM
You can use the following for Network Associates as the ADF file. Unfortunately, when you try to find these files they are hard to find and nobody seems to know what you are talking about. Just copy and paste these and import them using CSUtil.exe. After importing this you will need to restart CSAdmin, CSLog and CSAuth.
Adam
ADF Below:
[attr#29]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00001
attribute-name=Application-Posture-Token
attribute-profile=out
attribute-type=unsigned integer
[attr#30]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00002
attribute-name=System-Posture-Token
attribute-profile=out
attribute-type=unsigned integer
[attr#31]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00003
attribute-name=Software-Name
attribute-profile=in out
attribute-type=string
[attr#32]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00004
attribute-name=Software-ID
attribute-profile=in out
attribute-type=unsigned integer
[attr#33]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00005
attribute-name=Software-Version
attribute-profile=in out
attribute-type=version
[attr#34]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00006
attribute-name=Scan-Engine-Version
attribute-profile=in out
attribute-type=version
[attr#35]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00007
attribute-name=Dat-Version
attribute-profile=in out
attribute-type=version
[attr#36]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00008
attribute-name=Dat-Date
attribute-profile=in out
attribute-type=date
[attr#37]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00009
attribute-name=Protection-Enabled
attribute-profile=in out
attribute-type=unsigned integer
[attr#38]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00010
attribute-name=Action
attribute-profile=out
attribute-type=string
04-07-2006 01:29 AM
so it's one standard for all !?
as i see, for an av-client it's just necessary
to change the vendor-id and the vendor-name,
everything else is identical.
The one you posted is for example the same
as the adf for trendmicro (just vendor-id=6101 and
vendor-name=Trend)
04-10-2006 01:50 PM
Harry,
I guess so. I do know that it works for doing posture validation.
Adam
05-18-2006 12:06 PM
ADF files can be downloaded here: http://nac.cisco.com/Public/NACProgram/ADFs/
Silvo
06-20-2006 07:24 AM
hi Silvo the URL you provided can't be opened?
06-26-2006 03:21 AM
Hello
I have tried to save this in a file and run it, but it doesn't work. I get this:
C:\Program Files\CiscoSecure ACS v4.0\bin>CSUtil.exe -addAVP c:\test\nac.adf
CSUtil v4.0(1.27), Copyright 1997-2005, Cisco Systems Inc
=== AVP Summary ===
0 AVPs have been added to the dictionary (DB).
C:\Program Files\CiscoSecure ACS v4.0\bin>
08-29-2006 03:29 AM
I solved the problem. It was the number in the file.
The first attribute definition in the file must have the header [attr#0], the second attribute definition in a file must have the header [attr#1], and so on. A break in the numbering causes CSUtil.exe to ignore attribute definitions at the break and beyond. For example, if in a file with 10 attribute definitions the fifth attribute is defined as [attr#5] instead of [attr#4], CSUtil.exe ignores the attribute that is defined as [attr#5] and the remaining five attributes following it.
09-08-2006 05:48 AM
Yes, you're correct about that attr#. We figured this out the other day. The ADF must begin with attr0.
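The numbering rule described in the posts above, as an added example that is not part of the original thread and is not Cisco code: a Python check that finds the first [attr#N] header that is out of sequence and rewrites the headers to run consecutively from [attr#0] before the file is passed to CSUtil.exe -addAVP. The function names are hypothetical, and the sample is constructed from the first two definitions of the ADF posted earlier, with the headers as posted.

```python
import re

HEADER = re.compile(r"^\[attr#(\d+)\]$")

def parse_adf(text):
    """Split ADF text into [header_number, [key=value lines]] in file order."""
    sections = []
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            sections.append([int(m.group(1)), []])
        elif line and sections:
            sections[-1][1].append(line)
    return sections

def first_break(sections):
    """Position of the first header that is not [attr#<position>], or None."""
    return next((i for i, (n, _) in enumerate(sections) if n != i), None)

def renumber(sections):
    """Emit the same definitions with headers [attr#0], [attr#1], ... in order."""
    lines = []
    for i, (_, body) in enumerate(sections):
        lines += [f"[attr#{i}]", *body]
    return "\n".join(lines) + "\n"

# Constructed sample (two definitions from the thread); helper names are hypothetical.
SAMPLE = """\
[attr#29]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00001
attribute-name=Application-Posture-Token
attribute-profile=out
attribute-type=unsigned integer
[attr#30]
vendor-id=3401
vendor-name=NAI
application-id=3
application-name=AV
attribute-id=00002
attribute-name=System-Posture-Token
attribute-profile=out
attribute-type=unsigned integer
"""
if __name__ == "__main__":
    print(first_break(parse_adf(SAMPLE)), renumber(parse_adf(SAMPLE)), sep="\n", end="")
```

A break at position 0, as in the sample, means every definition in the file sits at or after the break, which matches the "0 AVPs have been added" summary reported in the thread.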