The difference is in the values you are matching on. Regards,
Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com On Apr 10, 2010, at 10:18 AM, Paul Alexander <[email protected]> wrote: > Okay, I think I get some of that. Here's the example i'm confused by: > > Condition 1 > Cisco:PA:OS-Type contains Windows 2000 > AND > Cisco:Host:Hotfixes=KB14478 > > Posture Token= Cisco:Host:Healthy > > Condition 2 > Default > > Posture Token Cisco:Host:Quarantine > > > > Now in this case, what is the difference in me using Cisco:Host instead of > Cisco:PA for the posture tokens (healthy and quarantine)?? > > > Thanks for all your help mate, its appreciated. > > > Paul. > > > > On Sat, Apr 10, 2010 at 5:27 PM, Brandon Carroll <[email protected]> > wrote: > I understand. It can be frustrating. > > So basically yes you need the CTA to get the posture information back to ACS. > Take a read of this: > http://www.cisco.com/en/US/docs/security/cta/admin_guide/ctaPlugn.html#wp1043483 > and if it's still giving you a hard time let me know. > > Basically you have application posture tokens that can be different. so- > Cisco:Host values can posture to healthy and Cisco:PA can posture to > Quarantine. Then of the two different application posture tokens ACS takes > the lowest value, in this case Quarantine and assigns that as the System > Posture Token. Here is another way to look at it. > > Lets say you want to see the following: > > Cisco:Host:HotFixes=KB65643 > and that equals Healthy else assign Quarantine as the Application Posture > Token. > > and > > Cisco:PA:OS-Type=Windows XP Professional > and that equals Healthy lse assign Quarantine as the Application Posture > Token. > > If both items are true the System Posture Token would be Healthy. > > If only 1 is true the other will assign the Application Posture Token of > Quarantine and ACS looks at both, picks the lowest and assigns the System > Posture Token to Quarantine. > > HTH > > > > Regards, > > Brandon Carroll - CCIE #23837 > Senior Technical Instructor - IPexpert > Mailto: [email protected] > Telephone: +1.810.326.1444 > Live Assistance, Please visit: www.ipexpert.com/chat > eFax: +1.810.454.0130 > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE > (R&S, Voice, Security & Service Provider) certification(s) with training > locations throughout the United States, Europe, South Asia and Australia. Be > sure to visit our online communities at www.ipexpert.com/communities and our > public website at www.ipexpert.com > > > > On Apr 10, 2010, at 9:07 AM, Paul Alexander wrote: > >> ssign a token of 'Cisco:PA Healthy' as opposed to 'Cisc > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
