Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAC - How to check AV running

We have NAC 4.1.8 OOB deployment installed and a rule to check whether kaspersky is installed in users before giving them access to the network. That's working fine.

Now I want to check whether kaspersky is actually running on the user machine or not. (kaspersky can be installed but disabled) This condition is not checked by the AV_installed rules. (even when kaspersky is disabled, users are given access to the network)

Any of you know how to fix this ???

many thanks in advance for your valued inputs

New Member

Re: NAC - How to check AV running

My complicated way of doing this would be add a new check (service check or application check) for your particular version of kapersky.

Then create a rule (expression for your check).

Then create a link distribution requirement. For example that gives them the link to download the correct version from one of your servers - if they fail.

Then map the new requirement to a given operating system or group of operating systems.

Then under role-requirments enable the rule for a given user role.

Now there may already be some of this created for you but this would be from scratch situation.

Hope that helps.

New Member

Re: NAC - How to check AV running

well, the problem is even if we disable kaspersky, the kaspersky service is still running. Now if we are checking the only the existence of the service, NAC would still allow the users with disabled kaspersky, in to the network.

So we need a different mechanism than the service check

thanks for the input though