NAC Experts, I am waiting for your comments. With regards Kings
On Fri, Jul 15, 2011 at 12:58 PM, Kingsley Charles < [email protected]> wrote: > Hi all > > A NAP policy can have more than one Posture Validation. If there are more > than one PV matching, the token which is most restrictive is selected. For > example, if tokens corresponding to the matching PVs are > Healthy and Quarantine, then ACS select Quarantine and sends the > corresponding authorization parameters like downloadable ACL, vlan and RAC > information to the NAD. > > Hope my understanding is correct. If not, please correct. > > Said with that, why do we have three types of tokens Cisco:PA, Cisco:Host > and Cisco:HIP when configuring PV policy.? > > There may be different elements of Cisco:PA, Cisco:HIP and Cisco:Host in > the policy but the corresponding token can be simply Healthy, Quarantine or > Transition. > > But when we want to select a token for PV, we are forced to select > Cisco:PA, Cisco:Host and Cisco:HIP? What is the significance of selecting > it. > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
