Nac attributes in logs – Cisco 3.3 User Manual

Page 436

Advertising
background image

Chapter 11 Logs and Reports

NAC Attributes in Logs

11-4

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Note

Cisco Secure ACS cannot determine how a remote logging service is
configured to process accounting packets that it is forwarded. For
example, if a remote logging service is configured to discard
accounting packets, it discards a forwarded accounting packet and
responds to Cisco Secure ACS with an acknowledgment message,
causing Cisco Secure ACS to write a value of

Remote-logging-successful

in the Remote Logging Result attribute

in the local log that records the account packet.

Application-Posture-Token—The application posture token (APT) returned
by a particular policy during a posture validation request. This attribute is
available only in the Passed Authentications and Failed Attempts logs. For
more information, see

NAC Attributes in Logs, page 11-4

.

System-Posture-Token—The system posture token (SPT) returned by a
Network Admission Control (NAC) database during a posture validation
request. This attribute is available only in the Passed Authentications and
Failed Attempts logs. For more information, see

NAC Attributes in Logs,

page 11-4

.

Other posture validation attributes—Attributes sent to Cisco Secure ACS
by a NAC client in a posture validation request, identified by the vendor
name, application name, and attribute name that uniquely identify the
attribute. For example, the NAI:AV:DAT-Date attribute is an attribute
containing information about the date of the DAT file on the NAC client for
a Network Associates, Inc., anti-virus application. These attributes are
available only in the Passed Authentications and Failed Attempts logs. For
more information, see

NAC Attributes in Logs, page 11-4

.

NAC Attributes in Logs

Posture validation attributes, used by NAC, can be used in the Passed
Authentications and Failed Attempts logs. All inbound attributes are available for
logging. The only two outbound attributes that you can record in logs are
Application-Posture-Token and System-Posture-Token.

Advertising