Manualshelf

Specifications

ManualsBrandsSCAN ManualsHome building and Decor5-2
361362363364365366367368369370
Policy Server for Cisco NAC
10-23
Policy Server for NAC Deployment
The following procedures are for reference only and may be subject to change
depending on updates to either the Microsoft and/or Cisco interfaces.
Before performing any of the tasks, verify that the Network Access Device(s) on the
network are able to support Cisco NAC (see Supported Platforms and Requirements on page
10-21). See the device documentation for set up and configuration instructions. Also,
install the ACS server on the network. See the Cisco Secure ACS documentation for
instructions.
1. Install the OfficeScan server on the network (see the Installation and Upgrade Guide).
2. Install the OfficeScan client program on all clients whose antivirus protection you
want Policy Server to evaluate.
3. Enroll the Cisco Secure ACS server. Establish a trusted relationship between the
ACS server and a Certificate Authority (CA) server by having the ACS server issue a
certificate signing request. Then save the CA-signed certificate (called the ACS
certificate) on the ACS server (see Cisco Secure ACS Server Enrolment on page 10-24
for details).
4. Export the CA certificate to the ACS server and store a copy on the OfficeScan
server. This step is only necessary if you have not deployed a certificate to clients
and the ACS server (see CA Certificate Installation on page 10-24).
5. Deploy the Cisco Trust Agent and the CA certificate to all OfficeScan clients so
clients can submit security posture information to the Policy server (see Cisco Trust
Agent Deployment on page 10-26).
6. Install the Policy Server for Cisco NAC to handle requests from the ACS server (see
Policy Server for Cisco NAC Installation on page 10-30).
7. Export an SSL certificate from the Policy Server to the Cisco ACS server to
establish secure SSL communications between the two servers (see Policy Server for
Cisco NAC Installation on page 10-30).
8. Configure the ACS server to forward posture validation requests to the Policy
Server (see ACS Server Configuration on page 10-35).
9. Configure the Policy Server for NAC. Create and modify Policy Server rules and
policies to enforce your organization’s security strategy for OfficeScan clients (see
Policy Server for Cisco NAC Configuration on page 10-35).