SDK Resources > Posture Validation (NAC) > Configuring the ACS

Configuring the ACS

note-icon Note:

Beginning in Intel AMT Release 9.0 NAC is no longer supported.

To ready the ACS to handle Intel AMT posture messages, connect to the ACS management screens and perform the following steps using the ACS web-based GUI:

   Define users and configure certificates.
Configure ACS with same certificates used on host computer. Select System Configuration/ACS Certificate Setup/ACS Certification Authority Setup. In the CA Certificate file box enter the full path to the requested certificate. Then click Submit.

   Configure the Switch Address at Network Configuration.

   Configure Radius Authorized Components at Shared Profile Components/Radius Authorization Components.

   Configure attributes requested for authentication at Posture Validation/Internal Posture Validation.

   Create a new Policy.

   Add and alter Rules by entering the newly created policy and selecting Add Rule then Add Condition Set. Select the appropriate Attribute, Operator and Value then click Submit.

   Configure the PVS address at Posture Validation/External Posture Validation. Click Add Server and fill in Name, Description and Primary Server Configuration’s URL for the PVS server.

   Configure the columns to be displayed at Failed/Passed Authentication. Configure columns at System configuration/Logging. Select CSV Passed Authentications file configuration for the Passed Authentication report or CSV Failed Attempts for the Failed Authentication report.
Under Select Columns to Log select desired values to be displayed from the Attributes column.

To configure the ACS to use the posture attributes directly,

1.  Go to the directory where the Csutil tool for Cisco ACS 4.0 is installed. The typical directory command for this is:
    cd %program files%\ciscosecure acs v4.0\bin\

2.  Use Csutil to add Intel AMT posture AVPs by using the following command:

 

csutil -addAVP attr.txt

 

 Note:

The attr.txt file is listed in the attr.txt File Example.

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.