We've been told by TAC (but haven't had a chance to confirm yet) that upgrading to agent 4.7.3 will also address this bug while still running 4.7.2 on the CAMs (for those of you who are ED release averse).
------------------------ Isabelle Graham Information Security American University Cisco Clean Access Users and Administrators <[email protected]> wrote on 2010-10-22 14:43:56: > From: "Wilson, Brian" <[email protected]> > To: [email protected] > Date: 2010-10-22 14:43 > Subject: Re: NAC 4.7.2 and Microsoft ForeFront AV > Sent by: Cisco Clean Access Users and Administrators > <[email protected]> > > We had this same problem. You may be hitting this bug that is fixedin 4.8.0 ( > CSCte44041). > > DDTS Number: > CSCte44041 > > Corrected: > Yes > > Caveat: > Microsoft Forefront definition date only detected if user is an Admin > The Cisco NAC Agent supports Microsoft Forefront date checking > starting from version 4.5.0.0 (and was supposed to be fixed as a result of > CSCtb54272 in 4.7.1). However, now the def date is only detected if the > user logged into the PC is a local Admin user (or if the agent is run as > an Administrator). > > If the user is not an administrator, the agent shows (and reports to the > CAM) a blank date field for the definitions. This causes any date based > requirements to fail for those users. > > > Brian D. Wilson, [email protected] > Fisher College of Business, The Ohio State University > Mason Hall 340, 614-292-9739 > > From: Cisco Clean Access Users and Administrators > [mailto:[email protected]] On Behalf Of Bob Bader > Sent: Friday, October 22, 2010 2:03 PM > To: [email protected] > Subject: Re: NAC 4.7.2 and Microsoft ForeFront AV > > Has the client performed an update of Forefront outside of NAC once > it was installed? This is required with certain AV’s before the > information shows up. If a manual update was not performed try that > and see if it helps. > > Bob > > > From: Cisco Clean Access Users and Administrators > [mailto:[email protected]] On Behalf Of Daniel Wood > Sent: Friday, October 22, 2010 1:38 PM > To: [email protected] > Subject: NAC 4.7.2 and Microsoft ForeFront AV > > I have a TAC case open - 615706817 > > Anyone using Microsoft ForeFront client AV with NAC? It is on the > supported AV list, but of course doesn't work. The program is > detected but the definition files are not. > > ---------- > > Daniel Wood > Network Administrator > Networking/Telecommunications > Georgia Southern University > (912) 478-5753
