LISTSERV - CLEANACCESS Archives - LISTSERV.MIAMIOH.EDU

CLEANACCESS Archives

February 2007

CLEANACCESS@LISTSERV.MIAMIOH.EDU

	LISTSERV Archives
	CLEANACCESS Home
	CLEANACCESS February 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: CCA AV Virus Definition rules question
From:	Dennis Xu <[log in to unmask]>
Reply To:	Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:	Tue, 20 Feb 2007 13:15:26 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (100 lines)

The AV_Rule seems to be working now. Thanks a lot! 


Dennis Xu
Network Analyst (CCS)
University of Guelph
519-824-4120 x 56217
[log in to unmask]

-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of King, Michael
Sent: Tuesday, February 20, 2007 1:03 PM
To: [log in to unmask]
Subject: Re: CCA AV Virus Definition rules question

Hi Dennis,

The pr_ checks don't support that functionality.

You have to use the AV_Rule Checks.  These then add that functionality.
You can check via the definition date, or revision version.

The pr_ are really for backwards compatibility, you should really be
using the AVRules instead.

Mike 

> -----Original Message-----
> From: Cisco Clean Access Users and Administrators 
> [mailto:[log in to unmask]] On Behalf Of Dennis Xu
> Sent: Tuesday, February 20, 2007 12:51 PM
> To: [log in to unmask]
> Subject: Re: CCA AV Virus Definition rules question
> 
> Thanks Nick!
> 
> Anyone tried with pre-configured McAfee AV update rule? I tried with 
> the rule pr_McAfee_Update, and the "allow X days older" option does 
> not work. Is it because this rule checks the definition version, not 
> the date? We are using v4.0.5.
> 
> Thanks,
> 
> 
> Dennis Xu
> Network Analyst (CCS)
> University of Guelph
> 519-824-4120 x 56217
> [log in to unmask]
> 
> -----Original Message-----
> From: Nick Pistentis [mailto:[log in to unmask]]
> Sent: Tuesday, February 20, 2007 12:35 PM
> To: Dennis Xu
> Subject: Re: CCA AV Virus Definition rules question
> 
> Hi Dennis-
> 
> We're using v3.6.4.2. There is an option for the pre-configured 
> Symantec update rule (I dunno if it extends to all other AV vendors or

> just the
> biggies) to allow a grace period. We have set ours to 10 days from 
> current system date, which has had a measurable
> (favorable) impact on the number of calls we get each week regarding 
> Symantec updates. I don't remember when exactly the feature was added,

> but I *think* it was in the
> 3.6.4 or 3.6.2 release.
> 
> Good luck,
> 
> Nick
> _____________________________________
> Nicholas Pistentis
> Manager, Student Technology Services
> George Washington University
> [log in to unmask]
> 202.994.6202
> http://iss.gwu.edu/sts
> 
> Dennis Xu wrote:
> > Could you share some experiences about how to define AV Virus 
> > Definition rules to allow X days older than lastes file
> date? Do you
> > need customerize the checks and how do you automatically change the 
> > date in the check? It seems like the preconfigured rules
> which check
> > the AV definition version do not work for this.
> >  
> > Dennis Xu
> > Network Analyst (CCS)
> > University of Guelph
> > 519-824-4120 x 56217
> > [log in to unmask]
> >  
> > 
>

ATOM RSS1 RSS2

LISTSERV.MIAMIOH.EDU