Installing and Configuring the NAC Audit Server; Displaying the Agentless Host Posture Tokens - Cisco WS-C6506 Software Manual

Catalyst 6500 series switch

Configuring Agentless Hosts for NAC Auditing with MAB

Installing and Configuring the NAC Audit Server

For information regarding installing and configuring the NAC audit server, refer to the NAC Audit
vendor documentation shipped with the audit server. Ensure that the audit server is physically connected
to the switch before you install and configure it.

Displaying the Agentless Host Posture Tokens

The agentless host is evaluated on the number of vulnerabilities found and their severity levels. This
vulnerability information is taken from the cached audit report, and the posture token is determined by
the evaluation method settings on the NAC audit server.
The agentless host can hold any of the following posture tokens:

- Infected—When at least one Severity 5 vulnerability is detected. Infected host audit reports are cached and expire after 5 minutes.
- Quarantine—When at least one Severity 4 vulnerability is detected. Quarantine host audit reports are cached and expire after 10 minutes.
- Check-up—When at least one Severity 3 vulnerability is detected. Check-up host audit reports are cached and expire after 1 hour.
- Healthy—When no Severity 5, 4, or 3 vulnerabilities are detected. Healthy host audit reports are cached and expire after 24 hours.
- Unknown—When nonexistent and dead hosts do not respond to probes. Unknown host audit reports are cached and expire after 12 hours.

Note: Auditing delays traffic, and the host holds a transition posture token during that delay.

This example shows how to display the posture tokens of a MAC authentication bypass-enabled port:

Console> (enable) show port mac-auth-bypass 6/25
Port  Mac-Auth-Bypass State   MAC Address  Auth-State  Vlan
----  ----------------------  -----------  ----------  -------
6/25  Disabled                -            -           5

Port  Termination action   Session Timeout  Shutdown/Time-Left
----  -------------------  ---------------  ------------------
6/25  -                    3600             NO          -

Port  PolicyGroups
----  -----------------------------------------------------
6/25  -

Port  Critical     Critical-Status
----  -----------  ---------------
6/25  Disabled     -

Port  Session-id
----  --------------------------------
6/25  000015a90000099a000019ba000003e1

Port  Posture-Token   Url-Redirect
----  --------------  -------------------
6/25  Healthy         http://10.76.255.100:2002

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7, Chapter 41: Configuring MAC Authentication Bypass (OL-8978-04)
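An added example, not taken from the Cisco guide: a Python parser that merges the stacked tables printed by show port mac-auth-bypass into one record per port and reports any port whose posture token is not Healthy. The sample text reuses the values from the example above with assumed column spacing, and parse_mab and not_healthy are hypothetical helper names.

```python
import re

# Constructed sample: values from the page's example; column spacing is assumed.
SAMPLE = """\
Port  Mac-Auth-Bypass State   MAC Address  Auth-State  Vlan
----  ----------------------  -----------  ----------  -------
6/25  Disabled                -            -           5

Port  Termination action   Session Timeout  Shutdown/Time-Left
----  -------------------  ---------------  ------------------
6/25  -                    3600             NO          -

Port  Posture-Token   Url-Redirect
----  --------------  -------------------
6/25  Healthy         http://10.76.255.100:2002
"""

def is_sep(line):
    """A separator row holds only runs of dashes and spaces."""
    return "--" in line and not line.replace("-", "").strip()

def parse_mab(text):
    """Merge the stacked fixed-width tables into {port: {column: value}}."""
    ports, cols, lines = {}, [], text.splitlines()
    for i, line in enumerate(lines):
        if i > 0 and is_sep(line):
            # Each dash run starts a column; the last column runs to end of line.
            starts = [m.start() for m in re.finditer(r"-+", line)]
            bounds = zip(starts, starts[1:] + [None])
            cols = [(lines[i - 1][s:e].strip(), s, e) for s, e in bounds]
        elif not line.strip() or (i + 1 < len(lines) and is_sep(lines[i + 1])):
            cols = []  # blank line or the next table's header: stop reading rows
        elif cols:
            row = {name: " ".join(line[s:e].split()) for name, s, e in cols}
            ports.setdefault(row.pop("Port"), {}).update(row)
    return ports

def not_healthy(ports):
    """Ports whose cached audit result is anything other than Healthy."""
    return {p: f.get("Posture-Token", "missing") for p, f in ports.items()
            if f.get("Posture-Token") != "Healthy"}

if __name__ == "__main__":
    for port, fields in parse_mab(SAMPLE).items():
        print(port, fields["Posture-Token"], fields["Url-Redirect"])
```

Column boundaries come from the dash rows, so a value longer than its dash run (the redirect URL here) is still captured when it sits in the last column.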
