LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

April 2009

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS April 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: IE 8
From:	"Hall, Rand" <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Thu, 2 Apr 2009 08:49:37 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (115 lines)

Anyone notice the recent dearth of Cisco input on this list? I find that troubling.

Direct quotes on the list last fall from a Cisco support person (name omitted because he's innocent):

"Word from the BU is that they will only update from Microsoft once a
month, so this one will not go into the checks and rule set until next
months Patch Tuesday release."

"All I can say is that myself and some of my colleagues did put some 
pressure on to add this in. I know we sound like a broken record when we 
say this, but I would strongly encourage anyone who is unhappy about 
this to tell their account teams and have them put pressure on from 
their side as well."

So, this will be at least the third time in six months that Cisco's shrugging ambivalence has made their product ineffective.

In October, Microsoft issued a critical out-of-band patch for which Cisco would not create checks.

In November, Cisco botched an update which ultimately prevented access to the aforementioned and now long-awaited out-of-band patch check.

And now, IE8.

The first two times I followed the prescribed advice and ran my concern up through my account team...and heard nothing.

Unfortunately, I think I'm going to be forced to return the favor. I'm one of the original Perfigo people who's got the end of life software. When the Cisco NAC RFQ line doesn't this summer ring they'll know it was me.

So, Bruce, how do you like Bradford?

Cheers,
Rand

--
Rand P. Hall * Director, Network Services
Merrimack College * SunGard Higher Education
315 Turnpike Street, North Andover MA 01845 * Tel 978-837-5000
Fax 978-837-5383 * [log in to unmask] * www.sungardhe.com

CONFIDENTIALITY:  This e-mail (including any attachments) may contain
confidential, proprietary and privileged information, and unauthorized
disclosure or use is prohibited.  If you received this e-mail in error,
please notify the sender and delete this e-mail from your system.


-----Original Message-----
From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of Osborne, Bruce W. (NS)
Sent: Thursday, April 02, 2009 7:26 AM
To: [log in to unmask]
Subject: Re: IE 8

Rob,

That is correct.  You have to update each OS rule. Rinse & repeat after every "Patch Tuesday" update.

Bruce

-----Original Message-----
From: Robert J. Rutkowski [mailto:[log in to unmask]] 
Sent: Wednesday, April 01, 2009 6:09 PM
Subject: Re: IE 8

Correct me if I'm wrong please.. In order to use this manually created check, if I don't have any other manual checks incorporated into my hotfix rules, then I need to make copies of every hotfix rule (XP, XP MCE, XP Tablet, Vista Basic, Vista Home Premium, etc...) and add this check as an OR for the IE area to all of my copies, and then enable them for the Requirement. This is the way I understood it, I could very well be incorrect though. It seems like a lot of work just to tell it to allow IE8. 

Also, if that's what needs to be done, then why can't Cisco simply update their hotfix rules for everyone? It's sad that they would tell you how to manually do a workaround, but not just do it themselves...

Rob



-----Original Message-----
From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of Roberto Montoya
Sent: Wednesday, April 01, 2009 2:06 PM
To: [log in to unmask]
Subject: Re: IE 8

This is what we got on a case that we opened.

"For now we will have to create a custom check until the next agent
version download has been released. Here is an outline for the customer
check that you can put in place:
 
    Check Category - Registry Check
    Check Type - Registry Value
    Registry Key - HLKM\SOFTWARE\Microsoft\Internet Explorer\
    Value Name - Version
    Value Data Type - String
    Operator - starts with
    Value Data - 8.0
 
For now we are expecting support for IE8 within the next two weeks.
Right now there is a bug for this issue and is listed below:
Bug ID: CSCsy62611"


HTH,

-Roberto



-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Terry Mitchell
Sent: Wednesday, April 01, 2009 9:52 AM
To: [log in to unmask]
Subject: Re: IE 8

Anyone from Cisco/NAC team willing provide an estimate for IE8 support
(days, weeks or months?). It doesn't have to be carved in stone, but a
ballpark estimate would be most useful for planning and support
purposes. 

Thanks in advance.

Terry

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU