The SAV administrator for our campus provided the exported CSV file from the SAV server.
Apparently, MARS has very little compatibility with SAV 10.x. I was hoping MARS would be able to parse some of the alerts but no luck so far. I guess my previous questions are moot now. I would still be interested in the details of the need for the SAV client list.
Thanks for the note about SAV 10.x. Probably would have found out the same thing here soon.
Apparently the Symantec CSV import has a known bug (you cannot repeat the import process again later on - which is a real problem - what happens if/when the AV client landscape changes - how would you tell MARS about the new layout without a re-import?)
According to Cisco TAC, MARS 4.2.1 is supposed to be able to learn the Symantec AV structure now (no need to import anything). I have not been able to test this since there are so many problems on the Symantec side here (AMS, etc.).
AV reporting in MARS in general could use a lot of work - and hopefully Cisco will extend this beyond Symantec to other AV providers (e.g. Trend).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :