11-13-2005 01:39 AM - edited 02-21-2020 12:31 AM
I am now implementing Network Admission control with Symantec Client Security, I would ask if Symantec Posture Plug-in collect Symantec Agent attributes for Service Pack and OS and send it to Cisco Access Control Server 3.3, I am adding the Symantec Agent attributes to CACS 3.3 as follows and from ACS 3.3 see it , but when checking in logs files all Symantec Agent attributes values blanks.
[attr#37]
vendor-id=393
vendor-name=Symantec
application-id=1
application-name=SA
attribute-id=32768
attribute-name=Service Pack and OS
attribute-profile=in
attribute-type=string
[attr#38]
vendor-id=393
vendor-name=Symantec
application-id=1
application-name=SA
attribute-id=32767
attribute-name=System Status
attribute-profile=in
attribute-type=unsigned integer
thanks
11-17-2005 02:20 PM
The NAC client is the Cisco Trust Agent (CTA) application. CTA collects data directly from the computer and from any NAC-compliant applications installed on the computer. It uses this data to create a set of attributes that contain information about the posture of the computer. These attributes are also called credentials. For more information about credentials, see About NAC Credentials and Attributes section in the following document.
11-18-2005 02:19 AM
The symantec product does not support os/hotfix/sp information through nac, for that you need Cisco Security Agent or wait for CTA 2.0 which will forward os/hotfix information.
12-23-2005 08:06 AM
this friends are in right way !!!
I hace many customer with NAC phase 1, i am waiting for the NAC 2. Trend Micro officescan 7.3 come with the new CTA 2 making this job. I know the NAc implementation in no TRend installation is so difficult and the policy is static in the ACS, if the antivirus upgrade the signatures, you have to modify the policy in the ACS. With TRend this is dynamic because ACS ask to the antivirus server wic is the last signature. You can send me email if you need.
Enjoy.
12-28-2005 09:35 PM
Do you have any sample configurations that show how to implement NAC1 with a Cisco 3005, Cisco ACS, and Trend Micro? We simply want to make sure clients connecting have the latest antivirus signature from trend and if not, quarantine them to a place where they can download it. Thanks.
12-29-2005 05:01 AM
Sure, no problem, you can reach me to leo4888@hotmail.com
01-04-2006 06:06 PM
Hi I need a sample to configure NAC using Cat6K and ACS, Can you send me any example
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide