NAC - Custom Check For Unsupported Anti-Virus

Unanswered Question
Apr 23rd, 2009

Hi,

Was wondering of somebody could help me. I have deployed NAC for a customer, however some users that are to access the network remotely (behind ASA remote access) use an Anti-Virus unsupported by NAC.

What is the best way to build a rule to policy check for this? What should i be looking for on the windows host?

Thanks in advance for your help!

Andy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Thu, 04/23/2009 - 09:53

assuming they're unwilling to change the corporate security policy to prohibit remote vpn connections from non-corporate PC's, or unwilling to redistribute a supported antivirus product to these employees? you will have to account for every other antivirus that all the remote vpn users use, and then create custom checks for them. you can look at the existing antivirus checks to see how they're doing. I believe they consist of registry checks and service checks.

Actions

This Discussion