OIT Home > Security Center > Cisco Clean Access Agent > Common Topics

Cisco Clean Access Agent Common Topics

• What is Clean Access?
• Why are we using this?
• How Does Validation Work?
• What is the Clean Access Agent?
• What Validation Checks are Being Performed?
• Is this going to affect my Linux or PDA?

 

What is Clean Access?

Clean access is a solution provided by Cisco, Inc. that performs network validation. The software performs the following functions:

• Require authentication to the network
• Validate whether the system connecting to the network meets the minimum security standards.
• Quarantines the system until it meets the minimum security standards.
• Provides access to the remediation sites.
• Once the system is validated as “clean,” allows access to the network.

Why are we using this?

Each semester, student machines are introduced to the campus that potentially contain harmful viruses and malware. On move-in weekend in particular, worms and viruses attempt to spread to unpatched/vulnerable machines. The Office of Information Technology determined that the best way to prevent this from happening is to ensure that virus software and Operating System critical update/patches are current and maintained.

How Does Validation Work?

Similar to the "Computer Registration" form, this solution will redirect any Internet browser request to a web page that instructs the user to download and install the validation client known as the “Cisco Clean Access Agent”. Once launched, the client downloads the validation rules and processes them. If the workstation fails the test, it is allowed Internet access only to the remediation sites for a period of about 90 minutes.  Once corrected, full network access is provided.

What is the Clean Access Agent?

Clean Access Agent is the client application that can check certain security settings on any Microsoft Windows PC to make sure that the system is up-to-date with required security patches and report this status to the Clean Access Server. No information about the user or the content of user files is sent to the server. Each user must use Clean Access Agent for his/her Microsoft Windows PC in order to authenticate and use the university network.

What Validation Checks are Being Performed?

• AntiVirus Software Installed (Mandatory)
• Up-to-Date AntiVirus Definitions (Mandatory)
• Windows XP Service Pack 2 (Mandatory)
• Missing Microsoft Critical Updates (Mandatory)
• Automatic update enabled with Download Option (Mandatory)
• Installation of Microsoft AntiSpyware (Optional)

Is this going to affect my Linux or PDA?

This software isn't available for Linux or PDA devices so they will not be be affected by this new restriction.

 

Last Updated: Jan. 22, 2011