Clean Access Agent FAQ

Key Terms

  • Network Access Procedure: The process of authentication and validation of your computer required for university network access.
  • Authentication: The process of verifying your access to the network by confirming your username and password and associating it with your computer.
  • Validation: The process of confirming that certain security measures are in place on your computer.

What is Clean Access?

Clean access is a solution provided by Cisco, Inc. that performs network validation. The software performs the following functions:

  • Require authentication to the network
  • Validate whether the system connecting to the network meets the minimum security standards.
  • Quarantines the system until it meets the minimum security standards
  • Provides access to the remediation sites
  • Once the system is validated as “clean,” allows access to the network.

What Networks Require Validation?

We are deploying the validation solution to the PVAMU wireless network in the fall semester 2009.

Why Are We Introducing this Solution Now?

The beginning of a new semester inevitably brings with it an onslaught of viruses and worms – some mere nuisances, some serious threats, but ALL create unnecessary interruptions to network services. To protect faculty, student and staff computers, and ultimately the network we all share, ITS has determined that the best way to prevent this from happening is to insure that virus software and Operating System critical update/patches are current and maintained.

How Does Validation Work?

This solution will redirect any Internet browser request to a web page that instructs the user to download and install the validation client known as the “Cisco Clean Access Agent”. Once launched, the client downloads the validation rules and processes them. If the workstation fails the test, it is allowed Internet access only to the remediation sites for a period of about 90 minutes.  Once corrected, full network access is provided.

What is the Clean Access Agent?

Clean Access Agent is the client application that can check certain security settings on any Microsoft Windows PC to make sure that the system is up-to-date with required security patches and report this status to the Clean Access Server. No information about the user or the content of user files is sent to the server. Each user must use Clean Access Agent for his/her Microsoft Windows PC in order to authenticate and use the university network.

What Validation Checks are Being Performed?

Validation Checks (performed weekly):

AntiVirus Software Installed (Mandatory)
Up-to-Date AntiVirus Definitions (Mandatory)
Missing Microsoft Critical Updates (Mandatory)
Automatic update enabled with Download Option (Mandatory)
Installation of Microsoft Anti-Spyware (Optional)

How Long Do the Validation Checks Take?

This can vary depending on the state of the computer. If all requirements are meet the checks take between 15 and 30 seconds.

What Remediation is Available?

AntiVirus Failure:  PVAMU provides McAfee AntiVirus free to faculty, students and staff. It is required that all PCs connected to the campus network be running antivirus software. A user can use other antivirus software; however PVAMU will only support McAfee Antivirus software. If the user’s system fails the check for current antivirus software, the user is instructed to click on the URL for the Antivirus Tools site and follow the instructions.

Microsoft Windows Patch Failure: If the user’s system fails the check for current critical Operating System patches, the user is instructed to click on the URL for the Microsoft Windows update site and follow the instructions.