Passes authentication requests from the Network Access Device to the Policy Server to validate end-user client security posture. The ACS server also passes the posture token from the Policy Server to the Network Access Device. You can configure the ACS server to carry out actions on the end-user client through the Network Access Device.
Used to establish trusted communication between the ACS server and the Certificate Authority (CA) server. The Certificate Authority server signs the ACS certificate and saves it on the ACS server.
Describes the three main services used to control end-user client access to computer resources. Authentication refers to identifying a client, usually by having the user enter a user name and password. Authorization refers to the privileges the user has to issue certain commands. Accounting refers to a measurement, usually kept in logs, of the resources utilized during a session. The Cisco Secure Access Control Server (ACS) is the Cisco implementation of an AAA server.
Used for authentication of end-user clients with the Cisco ACS server. The CA certificate deploys to both the ACS server and to client computers (packaged with the Cisco Trust Agent by the OfficeScan server).
An authority on the network that distributes digital certificates for the purposes of performing authentication and securing connections between computers and/or servers.
Installed on end-user client computers to allow communication of security posture to Cisco Network Access Devices. You can deploy the agent to OfficeScan clients from the OfficeScan Web console.
The process of having a Cisco NAC Policy Server evaluate OfficeScan client security posture and sending a posture token back to the client.
An attachment used for security. Most commonly, certificates authenticate client computers with servers, such as a Web server, and contain the following: user identity information, a public key (used for encryption), and a digital signature of a Certificate Authority (CA) to verify that the certificate is valid.
Hypertext Transfer Protocol using Secure Socket Layer (SSL).
Network access servers, firewall applications, routers, or wireless access points that support Cisco NAC functionality.
The server responsible for determining the posture token of end-user clients by periodically uploading current Virus Pattern and Virus Scan Engine version information from the OfficeScan servers on the network. Install Policy Server from the OfficeScan master installer or from the Enterprise CD.
Comprised of rules, policies used by the Policy Server measure end-user client security posture. The Policy Server assigns one policy to each registered OfficeScan server on the network.
Rules include specific criteria that Policy Servers use to compare with OfficeScan client security posture data. If any aspect of client security posture matches the criteria you configure in a rule, the client can carry out actions you specify.
Used to ensure secure HTTPS communication between the Policy Server and ACS server. Setup automatically generates the Policy Server SSL certificate during Policy Server installation.
Created by the Policy Server after end-user client validation. It includes information that tells the OfficeScan client to perform a set of specified actions, such as enabling Real-time Scan or updating antivirus components.
An authentication system requiring clients to enter a user name and password. Cisco Secure ACS servers support RADIUS.
SSL is a scheme proposed by Netscape Communications Corporation to use RSA public-key cryptography to encrypt and authenticate content transferred on higher-level protocols such as HTTP, NNTP, and FTP.
A digital certificate that establishes secure HTTPS communication between the Policy Server and the ACS server.
The presence and currency of antivirus software installed on an end-user client. The security posture of OfficeScan clients refers to whether or not the OfficeScan client program exists and how old the antivirus component versions are.
A security protocol enabled through AAA commands used for authenticating end-user clients. Cisco ACS servers support TACACS+.