We are having problems with allowing the Numara Track-IT application, version 8.0 to operate correctly with CSA. The two features of the application we are attempting to use are Audit and Take Control. We can usually audit a host without trouble, but experience problems when we try to take control of the host.
In our attempts to allow the Track-IT application to function as it needs to, we have created the following:
1. Separate group that contains all hosts except the MC
2. Policy that contains a single rule module
3. Rule module with rules as follows:
- Allows Track-IT application class to read and write all files
- Allows Track-IT application class to access all registry keys
- Allows Track-IT application class to all System APIs
- Allows Track-IT application class to run <All Applications>
- Allows Track-IT application class to act as server on all ports
- Allows Track-IT application class to act as client on all ports
- Allows Command Shell, MS Services, MS svchost, sysocmgr, winmgmt, wmiprvse, Recently Created Untrusted Content, to run Track-IT application class
- Allows All Applications to run Track-IT application class
We have essentially copied creating a Dynamic Application Class from Cisco Press book, Advanced Host Intrustion Prevention with CSA, pages 191-196. With all of that, we still cannot take control of the remote hosts. Nothing is logged in the CSA MC, and we receive messages from Track-IT such as "Software Push Failed", "Network Name Cannot be Found", or it just sits at "Waiting".
Any suggestions or assistance would be greatly appreciated.
Thank you in advance,