The following procedures
are for reference only and may be subject to change depending on
updates to either the Microsoft and/or Cisco interfaces.
Before performing any of the tasks, verify that the Network Access
Device(s) on the network are able to support Cisco NAC (see
Supported Platforms and Requirements). See the device
documentation for set up and configuration instructions. Also, install
the ACS server on the network. See the Cisco Secure ACS documentation
for instructions.
-
Install the OfficeScan server
on the network (see the Installation and Upgrade Guide).
-
Install the OfficeScan client program
on all clients whose
antivirus protection you want Policy Server to evaluate.
-
Enroll the Cisco Secure ACS server. Establish a trusted relationship between
the ACS server and a Certificate Authority (CA) server by having the
ACS server issue a certificate signing request. Then save the CA-signed certificate
(called the ACS certificate) on the ACS server (see
Cisco Secure ACS Server Enrolment for details).
-
Export the CA certificate to the ACS server and store a copy
on the
OfficeScan server. This
step is only necessary if you have not deployed a certificate to
clients and the ACS server (see
CA Certificate Installation).
-
Deploy the Cisco Trust Agent and the CA certificate to all
OfficeScan clients so
clients can submit
security posture information to the Policy server (see
Cisco Trust Agent Deployment).
-
-
-
-
Configure the Policy Server for NAC. Create and modify Policy
Server rules and policies to enforce your organization’s security
strategy for
OfficeScan clients (see
Policy Server for Cisco NAC Configuration).
