On Aug 9, 2010, at 3:09 PM, Biddle, Rob wrote: > Has anyone heard anything as to when Cisco will start publishing NAC Agent > Checks & Rules for Apple OS X Security Patches? > I'd like to start making use of the Mac OS X NAC Agent, but it seems a bit > silly without the posture assessment capabilities. > > _____________________________ > Rob Biddle > Network Systems Engineer / Administrator > College of Mount St. Joseph > > > >
Bob, The Cisco NAC has had no remediation capabilities for Mac OS X--besides AntiVirus/AntiSpyware (AV/AS) checking--since we started using it, which was version 4.6 (approximately May 2009). In addition, it does not have a Mac OS X API or any other way to programmatically tap into the information that the CCA Agent (client) reports. Finally, the only remediation it can do on its own is to update the virus definition file for ClamXAV. We use McAfee here at Illinois State University and while the NAC will detect various version of McAfee for Mac the only way to remediate it is by file/URL linking. We discussed this with Cisco some time ago, but never received an answer as to whether they plan to implement these procedures and if so, when. We followed up with Cisco when McAfee released McAfee Security for Mac v1.0 back at the end of August 2009, but it took months (it looks to be about nine months) until it was recognized with the v4.7.2 release. It is particularly frustrating especially since v4.7.2 of the CCA Agent (client) can identify Major versions of Mac OS X, i.e., Mac OS X 10.4, 10.5, etc., and whether Snow Leopard is running in 64 bit mode. I think the agent is pulling a lot of information, but the NAC system does not take advantage of this in any way. Let's keep pushing Cisco to implement these features. Good luck, _________________________________ Aaron T. Davis Call Center Supervisor University Computer Help Desk Illinois State University Direct: 309-438-5777 Support: 309-438-4357
