(imported topic written by SystemAdmin)
Hi,
We want to integrate Cisco NAC with BIGFIX, does NAC module in bigfix is required? and how auto remediation happen if machine is not as per compliance.
(imported comment written by SystemAdmin)
To be more comprehensive on my requirement:-
I have my locations covered under Cisco NAC, CAA agent is sitting on the client machines plus i have big bix agent also sitting on the client machine. i have defined certain patch level under the rules in NAC to match on the remote machine and if that machine is not as per the requirement, there should be auto remediation of that client with the help of BES agent. as per my logic which says, when machine is not as per compliance , CAA agent ask BES agent to download the require patches from BES server automatically which is possible with NAC integration or NAC module in BIG FIX.
Let me know whether this is possible or not or help me with some docs on this, as i cannt see any document available on BIG FIX site.
(imported comment written by BenKus)
Hello,
There are a lot details here, but the short answer is that you need the BigFix NAC Fixlet site to integrate with NAC. This will allow your BigFix Agents to speak with the CAA agents regarding the current state of the system.
The standard way to remediate is to set BigFix policies that are consistent with your NAC policies and then define a NAC policy that lets BigFix Agents carry out remediation even if the system is quarantined.
You can contact your BigFix sales rep if you want more info on the BigFix Cisco NAC integrated solution.
Ben
(imported comment written by SystemAdmin)
Can u tell me exact fixlet to do integration of Cisco clean access. I have license for NAC