Integrating F-Secure Client Security 8 with Cisco NAC

 

 Since  version 8.00 F-Secure supports Cisco NAC version 2. In this guide you can find the deatils to configure posture validation with F-Secure:

http://www.f-secure.com/export/system/fsgalleries/manuals/fscs800_adminguide_eng.pdf

Step by step procedure:

1. Get fsnacpva.def file from F-Secure Client Security CD, or download it from http://pliki.netsecure.pl/pliki/fsecure/ClientSecurity/cisco/fsnacpva.def

2. Execute CSUtil.exe to add Attributes 

cd %programfiles%\CiscoSecure ACS v4.2\bin

CSUtil.exe -addAVP fsnacpva.def

3. Restart CSAdmin, CSAuth & CSLog

4. Logon to ACS Server, go to Posture Validation -> Internal Posture Validation Setup -> Edit or Add Policy. Then edit or Add rule. Then Add a Condition set:

For example:

F-Secure:AV:Software-Version >= 8.0.0.0
F-Secure:AV:Protection-Enabled = 1

Submit, Done, Apply and Restart

Advertisements

NAP-NAC Design Guide by Microsoft

Microsoft has published a guide for designing the NAP NAC environment. One of the things that I finally confirmed is that Windows XP SP3 dosen’t have support for NAP-NAC. This point is really discouraging, what corporate network have an entire Windows Vista environment?

http://technet.microsoft.com/en-us/library/dd125393.aspx

Cisco NAC and Microsoft NAP Interoperability Guides

I’ve been searching for these guides for a long time, finally here is the link:

http://www.cisco.com/en/US/netsol/ns812/networking_solutions_sub_solution_home.html

I haven’t even read it, but as soon as I figure out how complex this solution is, I’ll start to build a lab and post my results.