Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
784
Views
0
Helpful
6
Replies

NAC Solution Based on Symantec products

paltel
Level 1
Level 1

‎11-13-2005 01:39 AM - edited ‎02-21-2020 12:31 AM

I am now implementing Network Admission control with Symantec Client Security, I would ask if Symantec Posture Plug-in collect Symantec Agent attributes for Service Pack and OS and send it to Cisco Access Control Server 3.3, I am adding the Symantec Agent attributes to CACS 3.3 as follows and from ACS 3.3 see it , but when checking in logs files all Symantec Agent attributes values blanks.

[attr#37]

vendor-id=393

vendor-name=Symantec

application-id=1

application-name=SA

attribute-id=32768

attribute-name=Service Pack and OS

attribute-profile=in

attribute-type=string

[attr#38]

vendor-id=393

vendor-name=Symantec

application-id=1

application-name=SA

attribute-id=32767

attribute-name=System Status

attribute-profile=in

attribute-type=unsigned integer

thanks

0 Helpful
6 Replies 6

beth-martin
Level 5
Level 5

‎11-17-2005 02:20 PM

The NAC client is the Cisco Trust Agent (CTA) application. CTA collects data directly from the computer and from any NAC-compliant applications installed on the computer. It uses this data to create a set of attributes that contain information about the posture of the computer. These attributes are also called credentials. For more information about credentials, see About NAC Credentials and Attributes section in the following document.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a00802335f1.html#wp24435

0 Helpful

jan.nielsen
Level 7
Level 7
In response to beth-martin

‎11-18-2005 02:19 AM

The symantec product does not support os/hotfix/sp information through nac, for that you need Cisco Security Agent or wait for CTA 2.0 which will forward os/hotfix information.

0 Helpful

lmilher_2
Level 1
Level 1
In response to jan.nielsen

‎12-23-2005 08:06 AM

this friends are in right way !!!

I hace many customer with NAC phase 1, i am waiting for the NAC 2. Trend Micro officescan 7.3 come with the new CTA 2 making this job. I know the NAc implementation in no TRend installation is so difficult and the policy is static in the ACS, if the antivirus upgrade the signatures, you have to modify the policy in the ACS. With TRend this is dynamic because ACS ask to the antivirus server wic is the last signature. You can send me email if you need.

Enjoy.

0 Helpful

joshw
Level 1
Level 1
In response to lmilher_2

‎12-28-2005 09:35 PM

Do you have any sample configurations that show how to implement NAC1 with a Cisco 3005, Cisco ACS, and Trend Micro? We simply want to make sure clients connecting have the latest antivirus signature from trend and if not, quarantine them to a place where they can download it. Thanks.

0 Helpful

lmilher_2
Level 1
Level 1
In response to joshw

‎12-29-2005 05:01 AM

Sure, no problem, you can reach me to leo4888@hotmail.com

0 Helpful

jmoreno
Level 1
Level 1
In response to lmilher_2

‎01-04-2006 06:06 PM

Hi I need a sample to configure NAC using Cat6K and ACS, Can you send me any example

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card