OnGuard is only available for desktop operating systems (Windows, OS X, Linux).
Implementation is relatively simple.
At a high level:
In ClearPass, you configure the posture policies by operating system. These can include:
- Firewall enforcement
- Antivirus enforcement
- Installed application enforcement
If the device does not have OnGuard installed, ClearPass tells the Cisco switch to redirect the user to the install page.
Once OnGuard is installed, it communicates with ClearPass directly to inform about posture changes. If the device goes out of compliance, ClearPass can trigger the switch to bump the user and redirect them to a quarantine VLAN.