CLEANACCESS Archives

September 2005

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: CAS/CAM 3.5.6 and Agent 3.5.8 On the download site
From:
John Stauffacher <[log in to unmask]>
Reply To:
Perfigo SecureSmart and CleanMachines Discussion List <[log in to unmask]>
Date:
Fri, 30 Sep 2005 08:52:52 -0700
Content-Type:
multipart/signed
Parts/Attachments:
text/plain (5 kB) , smime.p7s (4 kB) 
I almost want to upgrade the CAM/CAS so I can get the functionality to 
not prompt the user for the agent update. Even though I have it set as 
non mandatory, they still get prompted and it confuses the poor users...

Brian Beausoleil wrote:

>Has anyone tried to upgrade their servers yet?  I published the Agent but
>haven't upgraded the CAS/CAM yet.  So far no Agent issues reported.
>
>
>-----Original Message-----
>From: Perfigo SecureSmart and CleanMachines Discussion List
>[mailto:[log in to unmask]] On Behalf Of King, Michael
>Sent: Thursday, September 29, 2005 12:59 PM
>To: [log in to unmask]
>Subject: CAS/CAM 3.5.6 and Agent 3.5.8 On the download site
>
>Again, the  release notes are available, but are labeled on Cisco's Site
>as 3.5.5 right now.
>
>
>
>Highlights from the release notes:
>
>Case Insensitivity for Max Sessions per User Account
>
>The Max Sessions per User Account feature adds a new option for case
>insensitivity. The Case-Insensitive checkbox (3.5.6 and above) allows
>the administrator to allow/disallow case-sensitive user names towards
>the max session count. For example, if the administrator chooses to
>allow case-sensitivity (box unchecked; default), then jdoe, Jdoe, and
>jDoe are all treated as different users. If the administrator chooses to
>disable case-sensitivity (box checked), then jdoe, Jdoe, and jDoe are
>treated as the same user.
>
>This enhancement results in a new "Case-Insensitive" checkbox added to
>these web console pages:
>
>*User Management > User Roles > New Role or Edit Role
>API Enhancements
>
>With release 3.5(6), the Cisco Clean Access API utility script,
>cisco_api.jsp, provides two new functions and enhances an existing
>function.
>
>*kickoobuser -(New) Removes the OOB user session and bounces the port if
>the user is currently connected to the port
>
>*getcleanuserinfo -(New) Gets the certified device(s) information.
>
>*removecleanmac-(Enhanced) Removes certified device from Certified List,
>and enhanced to remove out-of-band users from the Online Users list in
>addition to in-band users.
>
>In addition, the descriptions for addcleanmac, removecleanmac, and
>removemac have been updated on the cisco_api.jsp page itself, which
>describes all the available API functions. The Clean Access API for your
>Clean Access Manager is accessed from a web browser as follows:
>https://<cam-ip-or-name>/admin/cisco_api.jsp
>Nessus Plugin Default View
>
>With release 3.5(6), the default view on the Nessus plugin page is
>changed from "All" to "Selected." Note that if Nessus plugins have not
>yet been checked and updated for the user role, the default view (i.e.
>Selected Plugins) shows no plugins. To select plugins, the administrator
>must choose one of the other views (for example, "All," "Backdoors,"
>etc.) from the "Show...Plugins" dropdown.
>
>This enhancement results in changes to the following web console page:
>
>*Device Management > Clean Access > Network Scanner > Scan Setup >
>Plugins
>Clean Access Agent Distribution Enhancements
>
>With release 3.5(6), the Clean Access Agent Distribution page of the CAM
>web console provides a new option to disable upgrade notifications
>(mandatory or optional) to 3.5.1+ Agent users, even when a newer Agent
>update becomes available on the CAM.
>
>Note After CAM/CAS upgrade to 3.5(6), this feature is available for all
>3.5.1 and above Clean Access Agents.
>
>Prior to this feature, if an Agent update was available, the user was
>always shown a prompt, whether the upgrade was optional or mandatory.
>This additional Distribution option will cause the user not to be
>informed of an Agent upgrade even if an Agent update is available.
>Enabling this option in effect prevents distribution of the Agent Patch
>upgrade to users when a newer Agent is downloaded to the CAM.
>
>This enhancement results in the following change to the web console:
>
>*Device Management > Clean Access > Clean Access Agent > Distribution --
>new checkbox for "Do not offer current Clean Access Agent Patch to users
>for upgrade"
>
>See also Clean Access Agent Enhancements for additional details
>Clean Access Agent Enhancements (3.5.8)
>
>Version 3.5.8 of the Clean Access Agent now attempts to log the user off
>the Clean Access system prior to Windows user logout or Windows
>shutdown. This enhancement takes effect when the user logs off from the
>Windows domain (i.e. Start -> Shutdown -> Log off current user) or shuts
>down the machine (Start -> Shutdown -> Shutdown machine). Prior to the
>3.5.8 Agent, a logged-in user remained logged into the network when the
>machine was shut down/restarted.
>
>Note that the attempt to log off from the Clean Access environment may
>be unsuccessful if the Agent is terminated by Windows prior to
>successfully logging off from the Clean Access system.
>
>See Clean Access Agent Enhancements for additional details on version
>3.5.6 and 3.5.7 of the Clean Access Agent (released post 3.5(5)).
>Supported AV Product List (Version 18)
>
>*See Cisco Clean Access Supported Antivirus Product List for the
>Supported AV Product List as of the latest release.
>
>*See Supported AV Product List Versions for details on each version of
>the list. 
>  
>


-- 
John Stauffacher, CISSP
Network Administrator
Chapman University
[log in to unmask]
ph: 714.628.7249
"It's amazing how much you take for granted when you already know what you are doing."
"there is no /usr/local on my C:\ drive!"

ATOM RSS1 RSS2