Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Patchlink and CSA - How can they operate together?

We have been going round and round about this problems for months. We have found that the best way to patch our environment and get around CSA is to turn CSA off. We are utilizing patchlink currently for our method to patch. Is there any way we can get around turning off CSA and be able to patch with patchlink?

  • Other Security Subjects
3 REPLIES
Blue

Re: Patchlink and CSA - How can they operate together?

I don't know what CSA rules and policies you are using but we were able to do this by creating a Patchlink app class and allowing it to do what it needed.

Specifically, the Patchlink application (dagent.exe) when run from the proper folder is allowed to:

Access all applications and files

Process downloaded content

Access all COM components

Hosts are also allowed to accept connections from the Patchlink server.

This worked for us.

Tom S

New Member

Re: Patchlink and CSA - How can they operate together?

Hi,

We are having the same problem. Patchlink patches are dumped in "C:\Windows\Temp" and have different names all the time. It looks something like this:

"The process 'C:\WINDOWS\TEMP\WindowsXP-KB887472-x86-SP1-PTB.exe' (as user NT INSTANS\SYSTEM) tried to open/create the file 'C:\faebc7447883ada5faf82b\sp1qfe\msmsgs.exe' and was denied."

Next time it can be a completely different .EXE file. Is there a way to solve this?

Kind regards,

Rutger

Re: Patchlink and CSA - How can they operate together?

You might also wan't to only allow Patchlink to run as domain admin and then load your policy with that defined user state

104
Views
0
Helpful
3
Replies
This widget could not be displayed.