Add/Edit Agent-Based Test Set Window

Use this window to add a new agent-based test set or edit an existing agent-based test set. In this window, you can configure the individual tests that you want the agent-based test set to perform. When you add a new test set, it becomes available for selection in the Edit Assessment Configuration window.

Use the Agent-Based Test Support per OS tables (at the end of this topic) to determine which tests are supported on the various end-system operating systems.

To add an agent-based test set, click (the configuration menu button in the Test Sets section of the Edit Assessment Configuration window) and select Add Agent-based. You can also click the Add button in the Manage Test Sets window.

To edit an agent-based test set, from the Edit Assessment Configuration window, click on the agent-based test set you want to edit, then click (the configuration menu button in the Test Sets section), and select Edit. You can also click the Edit button in the Manage Test Sets window.

	NOTE:	Changes made to the settings in this window are not effective until the end-system is rescanned.

Click areas in the window for more information.

Name: Enter a name for the test set.

Agent Configuration

Scan when Agent Connects: If this checkbox is selected, anytime the agent connects or reconnects, it will initiate a scan. If the checkbox is deselected, when the agent connects it will only initiate a scan if the end-system is quarantined or if the assessment interval has expired. Deselecting the checkbox reduces the number of scans taking place as end-systems connect and reconnect to the network. Note that the following checkbox must also be deselected to prevent the end-system from automatically being placed in the quarantine state when agent connection is lost.

Quarantine End-System if Agent Connection is Lost: If this checkbox is selected, an end-system is automatically placed in the quarantine state if connection to the agent is lost. This prevents end users from running the assessment agent to obtain network access, then stopping the agent and changing their system settings in a manner that would normally fail assessment. Note that being placed in the quarantine state doesn't necessarily mean that the end user has been assigned a policy that prohibits network access.

Allow Agent Unreachable for Unsupported Operating Systems: If the end-system is running an unsupported operating system, the agent-based assessment will fail with an "Agent Unreachable" test result. If this checkbox is selected, the unsupported end-system will be allowed on the network where it can be assessed using on-board agent-less assessment or an external assessment server. See the How to Deploy Agent-Based Assessment Help topic for a list of supported end user operating systems.

Display Agent Notification Messages: If this checkbox is selected, then once assessment has taken place, the end-system will receive a notification message that tells them if they are quarantined, in an error state, have assessment warnings, or are accepted:

Install Method

Specify the agent install method: persistent, dissolvable, or service.

Persistent - A persistent agent will add itself to the startup group on Windows or the Login Items on the Mac, so that it will always restart with the system.
NOTE: For Windows users, the end user must have Write privileges for the C:\Program Files directory to install the persistent agent. A non-admin user by default does not have this permission.
Dissolvable - A dissolvable agent will not automatically restart with the system and the end user will be directed to start the agent from a web page.
Service - For Windows Persistent Service, the persistent agent will run as a service for all users and will continue to run when a user is logged out.

	NOTE:	For Windows users, the end user must have Write privileges for the `C:\Program Files` directory to install the persistent agent. A non-admin user by default does not have this permission.

Advanced Button: Click this button to open the Advanced Agent Configuration window where you can configure advanced options for your agent-based test set.

Test Cases

Use the Test Cases table to view and define the various tests that the test set will perform. The table displays information about each test case configured to run for this test set.

When you first open the Add Agent-Based Test Set window, the Test Cases table lists eight default test cases. You can use these default test cases as is, edit them, or delete any tests you don't want performed (except the Operating System test). You can also add new user-defined test cases in addition to the default test cases. Use the Add New Test Cases button to access Editor windows where you can configure the different tests.

Click areas in the window for more information.

: Use these buttons to add, edit, or delete test cases listed in the table. Use the Add button to access Editor windows where you can create the different kinds of tests.

Status

Displays the status configured for each test. The status determines how the score returned by the assessment test will be used.

Disabled - The test does not run.
Informational - The test runs and test score results are reported, but are not applied toward a quarantine decision. No end-systems are quarantined. Auto-remediation is performed, if enabled.
Warning - Test score results are only used to provide end user assessment warnings via the Notification portal web page. No end-systems are quarantined unless a grace period (if specified) has expired. Auto-remediation is performed, if enabled.
Mandatory - Test score results are included as part of the quarantine decision, and end-systems can be quarantined. Auto-remediation is performed, if enabled.

The default scoring for agent-based tests is 0 for pass and 10 for fail. You can use scoring overrides if you wish to customize the default scoring.

ID: Test cases are assigned a Test Case ID number when they are created. You can refer to these Test Case ID numbers when creating scoring overrides or looking at the Health Result Details Tab in the End-Systems tab.

Name: The name of the test case.

Type: The type of test case: Agent, System, or Application Test.

Information: Information about the test case requirements that have been configured.

Operating System(s): The operating systems to which this test case applies. To view a table that lists which tests are supported on the various end-system operating systems, see Agent-Based Test Support per OS.

Auto-Remediate: Certain test cases allow you to specify that NAC Manager attempts to auto-remediate any problems found by the test.

Default Test Cases

Following is a list of the default test cases that you can use for your test set. Default test cases are automatically assigned a Test Case ID number that cannot be changed. You can refer to these Test ID numbers when creating scoring overrides.

Operating System: This test checks to see if the operating system on the end-system matches a specified value. This is the only test that cannot be deleted or renamed. For more information, see the Operating System Editor.

Minimum Agent Version: This test checks to see if the agent version on the end-system is the same as, or newer than, the specified version level. For more information, see the Minimum Agent Version Editor.

Antivirus: This test checks to see if the state of the antivirus software matches the specified state. Windows requires the Windows Security Center for this test. For more information, see the Antivirus Editor.

Firewall: This test checks to see if the end-system's firewall is enabled or disabled. Windows Security Center is required for this test. For more information, see the Firewall Editor.

Patch Update Last Run In: This test checks to see if the last time a Windows patch update was run on the end-system falls within the specified time frame. This test relies on the Windows Update software program. For more information, see the Patch Update Last Run In Editor.

Patch Auto Update: This test checks to see if Patch Auto Update is enabled or disabled on the end-system. This test relies on the Windows Update software program. For more information, see the Patch Auto Update Editor.

P2P Software: This test checks to see if the specified file transfer software is installed or running on the end-system. For more information, see the P2P Software Editor.

Screen Saver: This test checks to see if a screen saver is enabled, if the screen saver is secured (password protected), and the time before the screen saver starts. For more information, see the Screen Saver Editor.

User-Defined Test Cases

Here is a list of user-defined tests that you can create and include in your agent-based test set. User-defined test cases are automatically assigned a Test Case ID number, although you can change this number, if desired. You can refer to these Test ID numbers when creating scoring overrides.

Hotfix Check: This test checks to see if a specific hotfix has been installed on the end-system. For more information, see the Hotfix Check Editor.

File Check: This test checks to see if a specific file is on the end-system. For more information, see the File Check Editor.

Process State Check: This test checks to see if a specific process is running on the end-system. For more information, see the Process State Check Editor.

Registry Key Check: This test checks to see if the end-system has a specific Windows registry key. For more information, see the Registry Key Check Editor.

Registry Key Check Advanced: This test checks to see if the end-system has one or more Windows registry keys. For more information, see the Registry Key Check Advanced Editor.

Service State Check: This test checks to see if a specific service is installed and running on the end-system. For more information, see the Service State Check Editor.

Installed Program Check

This test checks to see if a specific program is installed and running on the end-system. For more information, see the Installed Program Check Editor.

	NOTE:	The Installed Program Check test case is supported with agent version 1.15.0.0 and later.

Agent-Based Test Support per OS

When configuring agent-based test sets, use the following tables to determine which tests are supported on the various end-system operating systems.

OS Test Support

Operating System	Antivirus	Screen Saver	Patch Update Last Run	Patch Auto Update	Firewall
Windows 10	X	X	-	X	X
Windows 8.1	X	X	X	X	X
Windows 8	X	X	X	X	X
Windows 7	X	X	X	X	X
Windows Vista SP1	X	X	X	X	X
Windows XP SP2/SP3	X	X	X	X	X
Windows XP SP1	X	X	X	X	-
Windows 2008	X	X	X	X	X
Windows 2003 SP2	X	X	X	X	-
Windows 2000 SP4	X	X	X	X	-
Mac OS X Tiger	X¹	X	-	X	X
Mac OS X Leopard	X¹	X	-	X	X
Mac OS X Snow Leopard	X¹	X	-	X	X
Mac OS X Lion	X¹	X	-	X	X
Mac OS X Mountain Lion	X¹	X	-	-	X
Mac OS X Mavericks	X¹	X	-	-	X
Mac OS X Yosemite	X¹	X	-	-	X
Mac OS X El Capitan	X¹	X	-	-	X
Mac OS X Sierra	X¹	X	-	-	X

¹Supports Norton AntiVirus, McAfee Virex, Sophos Anti-Virus, ClamX AV 2, and Symantec 10 and 11.

OS Test Support

Operating System	P2P Software	Registry Key Check	Service State Check	Process State Check	Hotfix State Check	File Check
Windows 10	X	X	X	X	X	X
Windows 8.1	X	X	X	X	X	X
Windows 8	X	X	X	X	X	X
Windows 7	X	X	X	X	X	X
Windows Vista SP1	X	X	X	X	X	X
Windows XP SP2/SP3	X	X	X	X	X	X
Windows XP SP1	X	X	X	X	X	X
Windows 2008	X	X	X	X	X	X
Windows 2003 SP2	X	X	X	X	X	X
Windows 2000 SP4	X	X	X	X	X	X
Mac OS X Tiger	X¹	-	-	X	-	X
Mac OS X Leopard	X¹	-	-	X	-	X
Mac OS X Snow Leopard	X¹	-	-	X	-	X
Mac OS X Lion	X¹	-	-	X	-	X
Mac OS X Mountain Lion	X¹	-	-	X	-	X
Mac OS X Mavericks	X¹	-	-	X	-	X
Mac OS X Yosemite	X¹	-	-	X	-	X
Mac OS X El Capitan	X¹	-	-	X	-	X
Mac OS X Sierra	X¹	-	-	X	-	X

¹No eMule.

Related Information