Hi Brad, You're welcome. I got this info from Cisco's release notes:
http://www.cisco.com/en/US/products/ps6128/prod_release_notes_list.html Notice that if you updated to 4.9.1 there is a updated list of supported AV/AS vendors - see link above for details. Sincerely, -Nick On Tue, May 22, 2012 at 11:19 AM, Terhune, Bradley N (Brad) < [email protected]> wrote: > Nick,**** > > Thank you very much for sharing your information.**** > > Where do you pull your list of AV info from? The link near the bottom?*** > * > > ** ** > > We do the same (pretty much) except we recommend Forefront to our > Faculty/Staff, Security Essentials to students on their own equipment, and > ClamXAV for Macs. **** > > I just wish we did not have to make people uninstall AV software that > works fine. Seems like a lot of wasted time.**** > > ** ** > > Later,**** > > Brad**** > > ** ** > > *From:* Cisco Clean Access Users and Administrators [mailto: > [email protected]] *On Behalf Of *Nick Recchia > *Sent:* Tuesday, May 22, 2012 10:41 AM > *To:* [email protected] > *Subject:* Re: Cisco NAC and antivirus support**** > > ** ** > > Hi Brad, > > As for your question: > *"How do you all handle new AV products coming into your environment?"* > > Below is our approach to AV/AS within our NAC environment. > > [Excerpt starts] **** > *Requirements:<https://web01.usfca.edu:8080/portal/app/portlets/results/viewsolution.jsp?solutionid=041127717404332&isGuest=true#Requirements> > ***** > > To pass the Network Admission Control requirement in the ResHalls and > access the campus network, all Windows computers must have the Cisco Nac > Agent installed and meet the following conditions:**** > > 1. *Automatic Updates *enabled and set to 'Download and prompt...' ** > ** > - *TIP: if your machine is not kept up-to-date you will not pass > NAC. ***** > - All Windows Critical Updates, including Service Pack 3 for > Windows XP, Windows 7 Service Pack 1, or Vista Service Pack 2, etc. > must be > installed. *Click here for more > details<https://web01.usfca.edu:8080/portal/app/portlets/results/viewsolution.jsp?solutionid=041020819075425&isGuest=true&SToken=D6039B5F0B038C0A9093C1D2BDCBD167> > .***** > > ** ** > > 1. *Up-to-date anti-virus software* with current virus definitions. ** > ** > - *NOTE: If you aren't currently using a supported AV/AS, or you > don't already use anti-virus and spyware protection with a current > subscription, USF provides a free copy of Sophos Anti-Virus. In > addition to protecting against viruses, Sophos provides a basic level of > protection against spyware and adware.* **** > > ** ** > > - To download *Sophos AV*, click link for Installation files and > instructions <http://antivirus.usfca.edu/> - (You need to log in > to this page with your USFconnect username and password.)**** > > ** ** > > - *For a list of supported Cisco NAC Anti-Virus (AV) software click > > here<https://web01.usfca.edu:8080/portal/app/portlets/results/viewsolution.jsp?solutionid=041127919254511&isGuest=true&SToken=810F279912A8491E8121748096907D57> > .***** > > > [Excerpt ends] > > Full public solution here: > > https://web01.usfca.edu:8080/portal/app/portlets/results/viewsolution.jsp?solutionid=041127717404332&isGuest=true > > Sincerely, > -Nick**** > > On Tue, May 22, 2012 at 7:32 AM, Dan Taube <[email protected]> wrote:**** > > Hello Brad, > > It is not exactly a situation of the anti-virus products taking NAC into > account, but rather that a third-party (OPSWAT - > http://www.opswat.com/products/oesis-framework/supported-applications?type=antivirus) > is not up-to-date with the latest version. Cisco utilizes OPSWAT in their > compliance module of NAC and so support is reliant on OPSWAT being updated. > I believe there is a set timeline before support is added, but I cannot > find my documentation that indicates such. > > Therefore, the option is to make one-off checks and rules to account for > latest version when they are not supported. > > In terms of Security Center, I remember looking into it once for a > in-house application and the latest versions of it prevent "unauthorized" > access. It seemed that one would have to be certified to interact with > Security Center in order to prevent malware from having access to it. > > Dan > -- > Dan Taube > Associate IT Support > Computer Infrastructure Support > Illinois State University > 309.438.4357 [support] > 309.438.8985 [direct]**** > > > > On 5/22/12 8:54 AM, Terhune, Bradley N (Brad) wrote: **** > > Good morning list!**** > > A while back I sent out a memo asking if anyone knew if Cisco NAC could > check the Windows Security Center for compliance for AV and AV defs. Does > anyone have any ideas- any registry key to check against? We were able to > get Security Essentials 4.0 working with a registry workaround.**** > > **** > > How do you all handle new AV products coming into your environment? > These AV products don’t seem to take the Cisco NAC into account. Some > currenty examples are Kaspersky 2012, AVG 2012, and Security Essentials > 4.0. **** > > Our server is at 4.8 and so are our clients. Are we doing something > wrong? Are you all able to handle this better?**** > > These seem like valid products. I hate that we have to tell them to go > get something else.**** > > **** > > Thanks for any advice you might have.**** > > Brad Terhune**** > > [email protected]**** > > UTHSC ITS**** > > **** > > > > > -- > Nicholas Recchia, Ed.D. > *Security Administrator* > ITS - Security Services > infosec.usfca.edu > > *University of San Francisco* > Lone Mountain North - 236a > 2130 Fulton Street > San Francisco, CA 94117 > *ITS Help Desk,* *Phone: 415-422-6668, E-mail: [email protected]* > Fax: 415-422-6719**** > > ** ** > > ** ** > > ** ** > -- Nicholas Recchia, Ed.D. *Security Administrator* ITS - Security Services infosec.usfca.edu *University of San Francisco* Lone Mountain North - 236a 2130 Fulton Street San Francisco, CA 94117 *ITS Help Desk,* *Phone: 415-422-6668, E-mail: [email protected]* Fax: 415-422-6719
