Folks,
First of all, we would like to acknowledge your concerns about the lack
of official response to this mailer.
Please note though, that even though we may not have been responding
directly on this alias, we are actively working behind the scenes with
the sales teams and TAC to respond to customer queries. However your
point is well taken, we should have been better at communicating on this
mailer. We will be rectifying this going forward.
As has already been pointed out, the check for IE8 is now available. We
understand that educational institutions have rapidly changing
environments and need quick turnaround times. In an effort to improve
this further, as well as provide you with better insight, we will make
sure we publish anticipated support dates in advance.
Cisco is committed to the higher education community. We have recently
re-organized our resources to make further investments in this space as
proof of our commitment. We are also working on improving our offering
in this space. Our next couple of releases will contain functionality
targeted towards education. This will include features such as 64 bit OS
platform support, revamped agent, enhanced reporting and quicker support
for third party applications. The first release is lined up specifically
for the summer time where a lot of you will have down time to perform
upgrades.
We truly feel that higher education was instrumental in NAC adoption and
will continue to define NAC in the future. We have every intention to
remain focused on the education community. We will be actively engaging
this group on an ongoing basis to provide updates and solicit feedback.
Regards,
Atif
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Mike Hanson
Sent: Thursday, April 02, 2009 1:35 PM
To: [log in to unmask]
Subject: Re: IE 8
Isabelle is correct. Good catch.
It is there and it works.
I spoke to our Cisco rep this morning and he said 1.5 to 2 weeks for the
fix. So maybe all the talk on the listserv about IE8 worked to get them
to release the fix early.
Mike Hanson
Network Security Manager
The College of St. Scholastica
Duluth, MN 55811
(218)-723-7097
[log in to unmask]
>>> Isabelle Graham <[log in to unmask]> 4/2/2009 3:05 PM >>>
It looks like a check for IE8 just posted. You may need to do a manual
update to see it.
--
Isabelle Graham
Information Security
American University
Jim Thomas wrote:
> Or maybe Cisco maintaining a listserv/blog (maybe off Cisco Learning
> Network) tied into the BU where they can provide 'roadmap' info and
> support. If you have to go to TAC to get details on Cisco questions
that
> only the BU can answer then a direct line into the BU might be
> beneficial when the end result could potentially help out hundreds
of
> customers. I know some TAC engineers monitor this listserv and some
of
> the BU but since I've been on here, I've seen a lot of griping
regarding
> the product line. I haven't heard a lot of response from Cisco.
Maybe
> there is another avenue that Cisco can provide that might help.
>
>
>
> Thanks
>
> Jim
>
>
>
> Jim Thomas
>
> Area Networks, Inc.
>
> CCIE Security #16674
>
> CCSP,CCNP,CCDP
>
> [log in to unmask] <mailto:[log in to unmask]>
>
> Office: 650-242-8050
>
> Cell: 916-342-2265
>
>
>
>
>
>
>
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Eric Weakland
> Sent: Thursday, April 02, 2009 6:06 AM
> To: [log in to unmask]
> Subject: Re: IE 8
>
>
>
>
> I've noticed the lack of input. I suspect Cisco has forbid their
folks
> from posting useful information to this list anymore. Unfortunately
my
> team can't get useful answers from TAC. (STILL!)
>
> I also am a Perfigo early adopter and no longer think Cisco is a
viable
> alternative in this space. I've tried for YEARS to try and get them
to
> see how shoe-horning this product into the router support model
doesn't
> work, how a product like this needs aggressive support for new
> vulnerabilities and changes. I thought things were going to get
better,
> but it doesn't look like it.
>
> Cisco- if you're out there, why don't you just admit you don't care
> about this product line, and EOS/L it so that we can have more
traction
> when asking for funds to upgrade to other products? Or state that
it
> isn't suited to the Higher-ed market?
>
> I must add that I am glad Perfigo was where it was when we started
to
> really need it. Getting CCA implemented across our campus was a
real
> win from a resource perspective - many fewer viruses. But this
product
> has not grown/been supported in a way that makes it viable any more,
as
> you put so well, Rand.
>
> My team likes Impulse and Juniper's solutions so far. We're going
to
> start looking at those soon. Perhaps we should set up another
listserv
> somewhere - product independent?
>
> Cheers,
>
> Eric
>
> Eric Weakland, CISSP, CNE
> Director, Information Security
> Office of Information Technology
> American University
> eric at american.edu
> 202.885.2241
>
> ______________________________________
> AU IT will never ask for your password via e-mail.
> Don't share your password with anyone!
>
>
>
> "Hall, Rand" <[log in to unmask]>
> Sent by: Cisco Clean Access Users and Administrators
> <[log in to unmask]>
>
> 04/02/2009 08:50 AM
>
> Please respond to
> Cisco Clean Access Users and Administrators
> <[log in to unmask]>
>
> To
>
> [log in to unmask]
>
> cc
>
>
> Subject
>
> Re: IE 8
>
>
>
>
>
>
>
>
> Anyone notice the recent dearth of Cisco input on this list? I find
that
> troubling.
>
> Direct quotes on the list last fall from a Cisco support person
(name
> omitted because he's innocent):
>
> "Word from the BU is that they will only update from Microsoft once
a
> month, so this one will not go into the checks and rule set until
next
> months Patch Tuesday release."
>
> "All I can say is that myself and some of my colleagues did put some
> pressure on to add this in. I know we sound like a broken record when
we
>
> say this, but I would strongly encourage anyone who is unhappy about
> this to tell their account teams and have them put pressure on from
> their side as well."
>
> So, this will be at least the third time in six months that Cisco's
> shrugging ambivalence has made their product ineffective.
>
> In October, Microsoft issued a critical out-of-band patch for which
> Cisco would not create checks.
>
> In November, Cisco botched an update which ultimately prevented
access
> to the aforementioned and now long-awaited out-of-band patch check.
>
> And now, IE8.
>
> The first two times I followed the prescribed advice and ran my
concern
> up through my account team...and heard nothing.
>
> Unfortunately, I think I'm going to be forced to return the favor.
I'm
> one of the original Perfigo people who's got the end of life
software.
> When the Cisco NAC RFQ line doesn't this summer ring they'll know it
was
> me.
>
> So, Bruce, how do you like Bradford?
>
> Cheers,
> Rand
>
> --
> Rand P. Hall * Director, Network Services Merrimack College * SunGard
> Higher Education
> 315 Turnpike Street, North Andover MA 01845 * Tel 978-837-5000 Fax
> 978-837-5383 * [log in to unmask] * www.sungardhe.com
>
> CONFIDENTIALITY: This e-mail (including any attachments) may
contain
> confidential, proprietary and privileged information, and
unauthorized
> disclosure or use is prohibited. If you received this e-mail in
error,
> please notify the sender and delete this e-mail from your system.
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Osborne, Bruce
W.
> (NS)
> Sent: Thursday, April 02, 2009 7:26 AM
> To: [log in to unmask]
> Subject: Re: IE 8
>
> Rob,
>
> That is correct. You have to update each OS rule. Rinse & repeat
after
> every "Patch Tuesday" update.
>
> Bruce
>
> -----Original Message-----
> From: Robert J. Rutkowski [mailto:[log in to unmask]]
> Sent: Wednesday, April 01, 2009 6:09 PM
> Subject: Re: IE 8
>
> Correct me if I'm wrong please.. In order to use this manually
created
> check, if I don't have any other manual checks incorporated into my
> hotfix rules, then I need to make copies of every hotfix rule (XP,
XP
> MCE, XP Tablet, Vista Basic, Vista Home Premium, etc...) and add
this
> check as an OR for the IE area to all of my copies, and then enable
them
> for the Requirement. This is the way I understood it, I could very
well
> be incorrect though. It seems like a lot of work just to tell it to
> allow IE8.
>
> Also, if that's what needs to be done, then why can't Cisco simply
> update their hotfix rules for everyone? It's sad that they would
tell
> you how to manually do a workaround, but not just do it
themselves...
>
> Rob
>
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Roberto
Montoya
> Sent: Wednesday, April 01, 2009 2:06 PM
> To: [log in to unmask]
> Subject: Re: IE 8
>
> This is what we got on a case that we opened.
>
> "For now we will have to create a custom check until the next agent
> version download has been released. Here is an outline for the
customer
> check that you can put in place:
>
> Check Category - Registry Check
> Check Type - Registry Value
> Registry Key - HLKM\SOFTWARE\Microsoft\Internet Explorer\
> Value Name - Version
> Value Data Type - String
> Operator - starts with
> Value Data - 8.0
>
> For now we are expecting support for IE8 within the next two weeks.
> Right now there is a bug for this issue and is listed below:
> Bug ID: CSCsy62611"
>
>
> HTH,
>
> -Roberto
>
>
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Terry Mitchell
> Sent: Wednesday, April 01, 2009 9:52 AM
> To: [log in to unmask]
> Subject: Re: IE 8
>
> Anyone from Cisco/NAC team willing provide an estimate for IE8
support
> (days, weeks or months?). It doesn't have to be carved in stone, but
a
> ballpark estimate would be most useful for planning and support
> purposes.
>
> Thanks in advance.
>
> Terry
>
|
