Thanks for the help everyone.
On Mon, Apr 12, 2010 at 2:27 PM, Tyson Scott <[email protected]> wrote: > Paul, > > > > If You look on the host that has the CTA in the directory "C:\Program > Files\Common Files\PostureAgent\Plugins" you will find the DLL and INF files > that are set to gather information from the host. > > > > There are two plugins the CiscoHostPP.dll and ctapp.dll. Each of these > gather different information from the host. Now when the PA is sent in the > EAP tunnel back to ACS when ACS is also configured to work with external PA > servers then the servers are going to return tokens to ACS for successful or > failed Posture Validation. So the Cisco:Host and Cisco:PA are more > important when you are working with external servers but typically the > tokens should match your condition sets. There are exceptions to that but I > would just use it as a rule. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Technical Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Paul Alexander > *Sent:* Saturday, April 10, 2010 11:02 AM > > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] When to set Cisco:Host or Cisco:PA? > > > > Hi all, > > > > I'm trying to figure out when you would set a posture token of 'PA' or > 'Host'. > > > > The documentation isn't very clear, but as far as I can tell it just > depends if your using CTA or not. Is that right? > > > > regards, > > > > Paul. > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
