Dennis,
The bug is due to be fixed in version 4.1.6 (currently due out on July
31st).
Nate
Dennis Xu wrote:
> Any updates on this issue? I see the bug status is "fixed" now but not sure
> how it is fixed with the same Agent version. How people using 4.1.3.2 deal
> with this issue now? Still asking users to uninstall NSS?
>
> Thanks,
>
> Dennis Xu
> Network Analyst(CCS)
> University of Guelph
> 5198244120 x 56217
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Homer Manila
> Sent: May-06-08 2:22 PM
> To: [log in to unmask]
> Subject: Re: Norton Security Scan
>
> On the phone with TAC now, but if you have any suggestions for a quick
> workaround that wouldn't force us to have to re-engineer our AV defs
> requirement to not bother with NSS (which I believe would mean
> re-creating checks for every supported AV the ANY AV rule currently
> supports) or just outright stop requiring up-to-date defs...that would
> be greatly appreciated :)
>
> --Homer Manila
> Information Security Administrator
> Information Technology, American University
> 202-885-2209
>
>
>
> Nathaniel Austin wrote:
>
>> Hey Homer,
>>
>> Weird that it doesn't show there. It should.
>>
>> As for a way to handle it, the only workaround is unfortunately to
>> uninstall NSS. The agent should be able to check for NSS definition
>> updates, but our database bases their defs off the same date as normal
>> SAV defs (which they are different and not updated that frequently) so
>> I have found that the date checks don't work well for NSS.
>>
>> Bug hasn't been assigned to a developer yet, so not sure of a timeline
>> on when it will be fixed, but it will need a new underlying SDK for
>> the agent, so it more than likely require a new agent to fix.
>>
>> Nate
>>
>> Homer Manila wrote:
>>
>>> Thanks Nate. Actually, the list I was going by was on the manager:
>>> Device Managment -> Clean Access -> Clean Access Agent -> Rules ->
>>> AV/AS Support Info
>>>
>>> That list doesn't show it supported anyway, and if I remember
>>> correctly, it updates with every new version of the agent being
>>> deployed, yes?
>>>
>>> Thanks for the bug info. Apparently, it's affecting more of our
>>> users than I original thought. May have to call Cisco on best way to
>>> handle this....
>>>
>>> --Homer Manila
>>> Information Security Administrator
>>> Information Technology, American University
>>> 202-885-2209
>>>
>>>
>>>
>>> Nathaniel Austin wrote:
>>>
>>>> Hey Homer,
>>>>
>>>> It is on the supported list:
>>>>
>>>> Norton Security Scan / 1.x / yes (4.1.3.0) / yes (4.1.3.0) / -
>>>>
>>>> As to the problem, I repro'd this here a little while ago. We should
>>>> be able to detect both NSS and a normal Symantec AV at the same
>>>> time, but we don't. I filed CSCso76507 on the issue.
>>>>
>>>> Nate
>>>>
>>>> Homer Manila wrote:
>>>>
>>>>> We just forced an upgrade of the CCA agent this morning to 4.1.3.2,
>>>>> and began getting a few complaints from our users about not being
>>>>> able to log in despite having very much up-to-date definitions of
>>>>> Symantec AntiVirus. Turns out that the new agent was now seeing a
>>>>> "Norton Security Scan," with differing product version #s and defs
>>>>> versions(sometimes none). A quick google found that this product
>>>>> was bundled with Google Pack a little over a month ago, and would
>>>>> explain how the product got onto our clients' machines without our
>>>>> knowledge. Apparently, the new agent is seeing Norton Security
>>>>> Scan instead of our standard, tested, supported SAV bundle.
>>>>> Removal of NSS fixes the problem and allows the user onto the network.
>>>>>
>>>>> Question: how is CCA seeing this product if it isn't even in the
>>>>> supported list of AV?
>>>>>
>>>>>
|