We had this same problem. You may be hitting this bug that is fixed in 4.8.0 (CSCte44041).
DDTS Number: CSCte44041 Corrected: Yes Caveat: Microsoft Forefront definition date only detected if user is an Admin The Cisco NAC Agent supports Microsoft Forefront date checking starting from version 4.5.0.0 (and was supposed to be fixed as a result of CSCtb54272 in 4.7.1). However, now the def date is only detected if the user logged into the PC is a local Admin user (or if the agent is run as an Administrator). If the user is not an administrator, the agent shows (and reports to the CAM) a blank date field for the definitions. This causes any date based requirements to fail for those users. Brian D. Wilson, [email protected]<mailto:[email protected]> Fisher College of Business, The Ohio State University Mason Hall 340, 614-292-9739 From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Bob Bader Sent: Friday, October 22, 2010 2:03 PM To: [email protected] Subject: Re: NAC 4.7.2 and Microsoft ForeFront AV Has the client performed an update of Forefront outside of NAC once it was installed? This is required with certain AV's before the information shows up. If a manual update was not performed try that and see if it helps. Bob From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Daniel Wood Sent: Friday, October 22, 2010 1:38 PM To: [email protected] Subject: NAC 4.7.2 and Microsoft ForeFront AV I have a TAC case open - 615706817 Anyone using Microsoft ForeFront client AV with NAC? It is on the supported AV list, but of course doesn't work. The program is detected but the definition files are not. ---------- Daniel Wood Network Administrator Networking/Telecommunications Georgia Southern University (912) 478-5753
