Hey Homer,
Weird that it doesn't show there. It should.
As for a way to handle it, the only workaround is unfortunately to
uninstall NSS. The agent should be able to check for NSS definition
updates, but our database bases their defs off the same date as normal
SAV defs (which they are different and not updated that frequently) so I
have found that the date checks don't work well for NSS.
Bug hasn't been assigned to a developer yet, so not sure of a timeline
on when it will be fixed, but it will need a new underlying SDK for the
agent, so it more than likely require a new agent to fix.
Nate
Homer Manila wrote:
Thanks Nate. Actually, the list I was going by was on the manager:
Device Managment -> Clean Access -> Clean Access Agent -> Rules ->
AV/AS Support Info
That list doesn't show it supported anyway, and if I remember
correctly, it updates with every new version of the agent being
deployed, yes?
Thanks for the bug info. Apparently, it's affecting more of our users
than I original thought. May have to call Cisco on best way to handle
this....
--Homer Manila
Information Security Administrator
Information Technology, American University
202-885-2209
Nathaniel Austin wrote:
Hey Homer,
It is on the supported list:
Norton Security Scan / 1.x / yes (4.1.3.0) / yes (4.1.3.0) / -
As to the problem, I repro'd this here a little while ago. We should
be able to detect both NSS and a normal Symantec AV at the same time,
but we don't. I filed CSCso76507 on the issue.
Nate
Homer Manila wrote:
We just forced an upgrade of the CCA agent this morning to 4.1.3.2,
and began getting a few complaints from our users about not being
able to log in despite having very much up-to-date definitions of
Symantec AntiVirus. Turns out that the new agent was now seeing a
"Norton Security Scan," with differing product version #s and defs
versions(sometimes none). A quick google found that this product
was bundled with Google Pack a little over a month ago, and would
explain how the product got onto our clients' machines without our
knowledge. Apparently, the new agent is seeing Norton Security Scan
instead of our standard, tested, supported SAV bundle. Removal of
NSS fixes the problem and allows the user onto the network.
Question: how is CCA seeing this product if it isn't even in the
supported list of AV?
