Using
Cisco Clean Access
The Cisco Clean Access security system is a user authentication,
vulnerability assessment and remediation system that checks authenticated
students for vulnerabilities and directs the non-compliant computers
to documentation on how to fix their issue.
The requirements currently being enforced are ALL Windows Critical
Updates, the latest version of the Clean Access Agent, and installed
and updated antivirus software. All computers compliant to
their rules will be allowed access to the network.
For a better understanding of how the Cisco Clean Access system
works, continue reading this document for detailed information.
User authentication
simply means you need to provide proper credentials (i.e. your USP
username and password) in order to gain access to the network. There
is one method for entering this information: Clean Access Agent.
Clean Access Agent
If you have a Windows XP or Windows 2000 computer, you need to install
the Clean Access Agent and use it to log in. To obtain the agent,
plug your machine into the network and open up Internet Explorer.
You'll automatically be redirected to the Clean Access Agent Download
page. Click the Download Clean Access Agent button. Although you
can choose to open (i.e. install) the file directly, we recommend
saving it to your hard drive so you can re-install at a later time,
if necessary. Once the Cisco Clean Access Agent Setup installer
is saved, double-click to install and simply follow the wizard installation
instructions. The entire process should only take a minute or two.
Once Clean Access Agent is installed, the login window will appear
automatically whenever your computer attempts to access the network.
Enter your USP user id and password and click Login.
NOTE: If the Clean Access Agent log in window doesn't appear automatically,
you probably have an installed firewall (e.g. Norton Internet Security)
preventing the window from popping up. To bypass this problem, modify
your firewall rules to allow Clean Access Agent (port 8905). The
methods for modifying the rules vary depending on the firewall you're
running.
After you successfully log into the system, Clean Access checks
your computer for vulnerabilities to make sure it meets the necessary
security requirements for connecting to the network. Only compliant
computers are granted full network access.
What are the requirements for accessing the network?
It's possible that the minimum requirements may vary from time
to time in order to remain proactive in preventing new viruses and
trojans from infiltrating the network. Basically, all students are
accountable for keeping their computer updated with current anti-virus
software and all operating system security patches. Here are the
current and planned specific requirements that Clean Access checks:
Windows XP
Clean Access Agent
3.4.1
Installed Antivirus
Up-to-date Antivirus
Running Antivirus
All Windows critical updates
If no vulnerabilities are found, your computer is considered compliant
and is granted full network access. If vulnerabilities are found,
your computer is moved into remediation.
If your computer fails the vulnerability assessment, it is moved
into remediation, and you are provided with directions for fixing/patching
it. You are given temporary network access (to limited sites) in
order to download any necessary software. Clean Access will not
allow you onto the network until all REQUIRED software/patches
are installed.
Missing REQUIRED Software
Required software must be installed before your computer will be
granted network access. Click the Go To Link button
to download and install the required software. Because the software
is required, you must install it before full network access is granted.
The Clean Access Agent is required in all residence halls
on campus. If you connect your computer to the Internet somewhere
other than in a residence hall, the Clean Access Agent is not required
and simply will not appear. However, if you move off-campus and
no longer need to connect your computer to the residential network,
you'll probably want to remove the Clean Access Agent. To do so,
go to Start -> Control Panel -> Add or Remove Programs. Select
Clean Access Agent and click Remove.
Back to Home
Cisco Clean
FAQ
Installing
Cisco Clean Access
Cisco
Clean Access & Firewalls
Installing
the Clean Access Agent
|
