Table of Contents
Advertisement
Command Reference Guide
D
A
ESKTOP
UDITING
Desktop auditing is an AOS feature that uses Dynamic Host Configuration Protocol (DHCP) in
conjunction with the Microsoft
computers connected to a NetVanta network. The two protocols work together to ensure that systems
connected to the network are using appropriate corporate policies, such as appropriate firewall settings,
antivirus settings, and other client health information. This information is exchanged between clients and
servers in statement of health (SoH) and statement of health response (SoHR) messages.
Desktop auditing is configured on AOS products by enabling the feature and by optionally configuring
filters to limit the output of the collected NAP information. These optional filters allow you to see who the
policy violators are. When desktop auditing is enabled, the AOS product collects DHCP information, such
as the medium access control (MAC) and IP addresses, virtual local area network (VLAN) ID, host name,
and source port, as well as the MAC and IP addresses of the server and the date and time of the last DHCP
information update. The NAP information collected by desktop auditing includes the client's OS version
and service pack, processor architecture, firewall name and state, antivirus name and state, antispyware
name and state, automatic update configuration, security update information, and the NAP state (enabled
or disabled) of both the server and the client.
Desktop auditing local policies determine when a NAP client may be a violator by collecting NAP
information for the connected clients and comparing them to the configured policies. It is possible to
monitor clients' firewall states, antivirus states, antispyware states, auto-update states, and security update
statuses using these policies. If no desktop auditing policies are configured, then, by default, desktop
auditing monitors all NAP information for each client.
For more information about configuring desktop auditing, refer to the Configuring Desktop Auditing in
AOS configuration guide available online at https://supportforums.adtran.com.
Desktop auditing should be enabled on the AOS device before configuring the desktop auditing local
policy. Desktop auditing is enabled using the command
desktop auditing local policy and enter the policy's configuration mode, enter the desktop-auditing
local-policy command from the Global Configuration mode prompt. For example:
>enable
#configure terminal
(config)#desktop-auditing local-policy
(desktop-audit-policy)#
The following commands are common to multiple command sets and are covered in a centralized section
of this guide. For more information, refer to the section listed below:
do on page 71
exit on page 73
60000CRG0-35E
L
P
OCAL
OLICY
®
Network Access Protection (NAP) Protocol to monitor the health of client
Copyright © 2012 ADTRAN, Inc.
Desktop Auditing Local Policy Command Set
C
S
OMMAND
ET
desktop-auditing dhcp on page
932. To create a
3037
- Quick Links:
- Basic Mode Command Set
Hide quick links:
Advertisement
Table of Contents
