Hey Homer,
Weird that it doesn't show there. It should.
As for a way to handle it, the only workaround is unfortunately to
uninstall NSS. The agent should be able to check for NSS definition
updates, but our database bases their defs off the same date as normal
SAV defs (which they are different and not updated that frequently) so I
have found that the date checks don't work well for NSS.
Bug hasn't been assigned to a developer yet, so not sure of a timeline
on when it will be fixed, but it will need a new underlying SDK for the
agent, so it more than likely require a new agent to fix.
Nate
Homer Manila wrote:
> Thanks Nate. Actually, the list I was going by was on the manager:
> Device Managment -> Clean Access -> Clean Access Agent -> Rules ->
> AV/AS Support Info
>
> That list doesn't show it supported anyway, and if I remember
> correctly, it updates with every new version of the agent being
> deployed, yes?
>
> Thanks for the bug info. Apparently, it's affecting more of our users
> than I original thought. May have to call Cisco on best way to handle
> this....
>
> --Homer Manila
> Information Security Administrator
> Information Technology, American University
> 202-885-2209
>
>
>
> Nathaniel Austin wrote:
>> Hey Homer,
>>
>> It is on the supported list:
>>
>> Norton Security Scan / 1.x / yes (4.1.3.0) / yes (4.1.3.0) / -
>>
>> As to the problem, I repro'd this here a little while ago. We should
>> be able to detect both NSS and a normal Symantec AV at the same time,
>> but we don't. I filed CSCso76507 on the issue.
>>
>> Nate
>>
>> Homer Manila wrote:
>>> We just forced an upgrade of the CCA agent this morning to 4.1.3.2,
>>> and began getting a few complaints from our users about not being
>>> able to log in despite having very much up-to-date definitions of
>>> Symantec AntiVirus. Turns out that the new agent was now seeing a
>>> "Norton Security Scan," with differing product version #s and defs
>>> versions(sometimes none). A quick google found that this product
>>> was bundled with Google Pack a little over a month ago, and would
>>> explain how the product got onto our clients' machines without our
>>> knowledge. Apparently, the new agent is seeing Norton Security Scan
>>> instead of our standard, tested, supported SAV bundle. Removal of
>>> NSS fixes the problem and allows the user onto the network.
>>>
>>> Question: how is CCA seeing this product if it isn't even in the
>>> supported list of AV?
>>>
|