Components and Terms

The following is a list of the various components and the important terms you need to become familiar with to understand and use Policy Server for Cisco NAC.

Components

The following components are necessary in the Trend Micro implementation of Policy Server for Cisco NAC:

Policy Server for Cisco NAC Components

Component

Description

Cisco Trust Agent (CTA)

A program installed on a client computer that allows it to communicate with other Cisco NAC components.

OfficeScan client computer

A computer with the OfficeScan client program installed. To work with Cisco NAC, the client computer also requires the Cisco Trust Agent.

Network Access Device

A network device that supports Cisco NAC functionality. Supported Network Access Devices include a range of Cisco routers, firewalls, and access points, as well as third-party devices that support the Terminal Access Controller Access Control System (TACACS+) or the Remote Authentication Dial-In User Service (RADIUS) protocol.

For a list of supported devices, see Supported Platforms and Requirements.

Cisco Secure Access Control Server (ACS)

A server that receives OfficeScan client antivirus data from the client through the Network Access Device and passes it to an external user database for evaluation. Later in the process, the ACS server also passes the result of the evaluation, which may include instructions for the OfficeScan client, to the Network Access Device.

Policy Server

A program that receives and evaluates OfficeScan client antivirus data. After performing the evaluation, the Policy Server determines the actions the OfficeScan client should carry out and then notifies the client to perform the actions.

OfficeScan server

Reports the current Virus Pattern and Virus Scan Engine versions to the Policy Server, which uses this information to evaluate the OfficeScan client’s antivirus status.

Terms

Become familiar with the following terms related to Policy Server for Cisco NAC:

Policy Server for Cisco NAC Terms

Term

Definition

Security posture

The presence and currency of antivirus software on a client. In this implementation, security posture refers to whether or not the OfficeScan client program exists on client computers, the status of certain OfficeScan client settings, and whether or not the Virus Scan Engine and Virus Pattern are up-to-date.

Posture token

Created by the Policy Server after OfficeScan client validation. It includes information that tells the OfficeScan client to perform a set of specified actions, such as enabling Real-time Scan or updating antivirus components.

Client validation

The process of evaluating client security posture and returning the posture token to the client.

Policy Server rule

Guidelines containing configurable criteria the Policy Server uses to measure OfficeScan client security posture. A rule also contains actions for the client and the Policy Server to carry out if the security posture information matches the criteria (see Policy Server Policies and Rules for detailed information).

Policy Server policy

A set of rules against which the Policy Server measures the security posture of OfficeScan clients. Policies also contain actions that clients and the Policy Server carry out if the criteria in the rules associated with the policy do not match the security posture (see Policy Server Policies and Rules for detailed information).

Authentication, Authorization, and Accounting (AAA)

Describes the three main services used to control end-user client access to computer resources. Authentication refers to identifying a client, usually by having the user enter a user name and password. Authorization refers to the privileges the user has to issue certain commands. Accounting refers to a measurement, usually kept in logs, of the resources utilized during a session. The Cisco Secure Access Control Server (ACS) is the Cisco implementation of an AAA server.

Certificate Authority (CA)

An authority on a network that distributes digital certificates for the purposes of performing authentication and securing connections between computers and/or servers.

Digital Certificates

An attachment used for security. Most commonly, certificates authenticate clients with servers, such as a web server, and contain the following: user identity information, a public key (used for encryption), and a digital signature of a Certificate Authority (CA) to verify that the certificate is valid.

Remote Authentication Dial-In User Service (RADIUS)

An authentication system requiring clients to enter a user name and password. Cisco Secure ACS servers support RADIUS.

Terminal Access Controller Access Control System (TACACS+)

A security protocol enabled through AAA commands used for authenticating end-user clients. Cisco ACS servers support TACACS+.