Cisco Security Agent

Previous page
Table of content
Next page

The Cisco Security Agent sits directly on the end station. The Cisco Security Agent is often identified by an icon of a red flag at the bottom of the desktop. A waving red flag notifies the user of suspicious behavior that could be indicative of an attack.

The Cisco Security Agent Panel is composed of the following categories:

  • Status

  • System Security

Figure 8-9 provides an example of the Cisco Security Agent Panel.

Figure 8-9. Cisco Security Agent Panel


Status

The Status area of the Cisco Security Agent panel provides information to the end user on what the Cisco Security Agent is doing. This status feedback on the Cisco Security Agent Panel is important because the end user typically does not have any direct access to the Management Center for Cisco Security Agents.

The main Status area provides several items of important information about the Cisco Security Agent including the following:

  • Host name

  • Management Center

  • Registration date

  • Last poll time (to check for a new policy configuration)

  • Last download time (to download a new policy configuration)

  • Software update

  • Network Admission Control posture results

  • Poll button (to poll Management Center to download a new policy configuration)

The following subcategories are available in the Status category:

  • Messages The Messages subcategory provides information to the user about what important events have been detected by the Cisco Security Agent.

  • User Query Response The User Query Response subpanel provides details on what permissions were asked to the user (for example, application x attempted to modify memory in process y; the user was queried and the response was "Yes").

  • Contact Information Optional information, including name, phone number, location, and e-mail address to contact the end user on the desktop with the Cisco Security Agent.

System Security

The System Security area provides a mechanism where certain users can specify a default security policy (high, medium, low) if this option is allowed by the Management Center. The System Security area also provides an option to restrict new network connections after a certain network inactivity timeout.

The System Security area also provides a vehicle to display to the user which applications are natively untrusted by the Cisco Security Agent. These untrusted applications can result in the user being queried about permission to use the application if the application attempts to modify critical system resources. The Cisco Security Agent panel also provides an option to remove applications for the untrusted list, if this option is enabled by the Management Center. Figure 8-10 displays a sample of the display of a few of the untrusted applications on the Cisco Security Agent Panel.

Figure 8-10. Untrusted Applications



Previous page
Table of content
Next page
Setf-Defending Networks(c) The Next Generation of network Security
Self-Defending Networks: The Next Generation of Network Security
ISBN: 1587052539
EAN: 2147483647
Year: N/A
Pages: 112
Authors: Duane De Capite
BUY ON AMAZON
Inside Network Security Assessment: Guarding Your IT Infrastructure
C++ How to Program (5th Edition)
Postfix: The Definitive Guide
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Comparing, Designing, and Deploying VPNs
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy