Cisco NAC Updates

docmilligan
Level 1

We've had NAC installed at one site and I am working on the second now. We have our Managers set up to download updates daily and I understand from previous answers to questions I posted on this forum that Cisco updates the OS items (i.e. hotfixes, MS Advisories, etc.) once a month. I was told these updates take place within 48 hours of Patch Tuesday each month. We get the daily virus updates that are published and are set up to download all updates. It seems the updates to the OS come extremely infrequently and are way behind. I've been watching for two months now. Five days after "Patch Tuesday" last month we finally received a few updates related to some MS Advisories. However, in reviewing the new checks, the highest advisory # covered was MS10-076. MS was already at 10-83 or 10-84 at the time. I had to manually create the checks/rules, etc. to cover the ones missing from the download. I had hoped we would get some more after Patch Tuesday this month (Nov 10) but a week has passed and there are still no additional checks which have been published in our update downloads. This makes it necessary for me to create new checks for each of the new advisories I am required to cover. I am not sure what the update downloads are really doing for us other than making sure our virus signatures are up to date.

So... I guess my question is: is this the norm and what I am to expect from Cisco each month? If so, managing the NAC (on my three sites) is going to take me quite a bit of time each month, since I will have to manually create most checks on three installations so I can meet my implementation deadlines.

William

1 Reply

Federico Lovison
Cisco Employee

Hi William,

Although I'm not able to comment on the frequency or the content of the update releases, you may consider configuring the WSUS requirement to check against the Microsoft public or privately handled WSUS servers with the "severity" option on NAC.

When you use the "severity" option, then the check is not done against the rules defined on the NAC Manager but against the Microsoft servers.

Check the config guide for more details at:

http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_agntd.html#wp1353947

I hope this helps.

Thanks,

Federico

--

If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.