tsteger1

Member Since: Jan 21, 2004

English
tsteger1 commented on Cisco Security Agent - EoL in Other Security Subjects 5 years ago

Trend Micro is offering a migration special for their Deep Security product for current CSA...

tsteger1 commented on CSA - Leventmgr.exe occupying 98-100% resources in Other Security Subjects 5 years ago

It could be this bug which was found in 6.0.2.126 and is not fixed:CSCtg98849 Bug DetailsCSA:...

tsteger1 commented on Cisco Security Agent system freezes in Other Security Subjects 5 years ago

Check your rules to ensure bug CSCtg98849 isn't affecting you.Tom

tsteger1 commented on Cisco Security Agent causes problems with laptop in Other Security Subjects 5 years ago

Yes, CSA installs several shims and you can see them in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet...

tsteger1 commented on CSA 6.01 MC change IP address in Other Security Subjects 5 years ago

It should not present a problem to change the MC address and DNS record unless your hosts resolve...

tsteger1 commented on Cisco Security Agent causes problems with laptop in Other Security Subjects 5 years ago

Make sure you have "Show processes from all users" checked and look for the okclient.exe, leventmgr...

tsteger1 commented on CSA MC 6 - How can I create an SSL Certificate that points to a name other than the hostname? in Other Security Subjects 6 years ago

What about putting the CSAMC in your DMZ and allowing those ports through your firewall?The nice...

tsteger1 commented on CSA Policies for dynamic users in Other Security Subjects 6 years ago

I use user states to allow admin users to do things by using a rule module that applies only to...

tsteger1 commented on CSA Policies for dynamic users in Other Security Subjects 6 years ago

1. User states is how we apply policies based on username no matter which workstation they are...

tsteger1 commented on upgrade CSA v5.2 to v6.0.1: software update not available on CSA 5.2 in Other Security Subjects 6 years ago

If you have SQL Management Studio installed you should be able to suspend security and run the...

tsteger1 commented on upgrade CSA v5.2 to v6.0.1: software update not available on CSA 5.2 in Other Security Subjects 6 years ago

Try running the prepare_52_migration.exe in a command window after you disable security on the MC....

tsteger1 commented on CSA : Event queue is full-Dropping event in Other Security Subjects 6 years ago

Never seen that one before and I've broken quite a few MCsIs that snippet from the host or the MC...

tsteger1 commented on CSA block in Other Security Subjects 6 years ago

My CSA 5.2 server is also Windows Server 2003 and has MDAC 2.8 SP2 and SQL 2005 installed.I suggest...

tsteger1 commented on CSA block in Other Security Subjects 6 years ago

Take a look at this post regarding the bulk insert error:https://supportforums.cisco.com/message/...

tsteger1 commented on upgrade CSA v5.2 to v6.0.1: software update not available on CSA 5.2 in Other Security Subjects 6 years ago

It sounds like a problem that occurs when the command window is closed before the migration is...

tsteger1 commented on CSA Analysis in Other Security Subjects 6 years ago

Can you confirm you have a valid Cisco Security Agent Analysis...

tsteger1 commented on CSA 5.2: Logging removable media in Intrusion Prevention Systems/IDS 6 years ago

Well, I can't explain it.You can check the release notes to see if something like that was fixed in...

tsteger1 commented on CSA 5.2: Logging removable media in Intrusion Prevention Systems/IDS 6 years ago

It would need to be and the fileset would need to be as I described it.It is working for me on 5.2...

tsteger1 commented on CSA 5.2: Logging removable media in Intrusion Prevention Systems/IDS 6 years ago

Create a file set called USBDirectories:[email protected]:\[email protected]:\[email protected]:\[email protected]:\**...

tsteger1 commented on CSA 6.0 block wireless ssid, when corporate wireless can be seen in Intrusion Prevention Systems/IDS 6 years ago

I haven't tried this but it should work:Create a Network Interface set called 1234-HQ with the...

tsteger1 commented on CSA 5.2 Logging in Physical Security 6 years ago

Create a file monitor rule using a custom @removable file set that excludes floppies and CDs. That'...

tsteger1 commented on CSA client update errors in Intrusion Prevention Systems/IDS 6 years ago

Software updates can contain scheduled update time windows.  The default is 00:00 to 23:59.If the...

tsteger1 commented on Any Word On CSA 6.0 on 64 Bit Windows in Other Security Subjects 6 years ago

Hello Lucien, Thanks for the information. Where can I (we) find out more about version 6.0.2?Tom

tsteger1 commented on Long Live CSA? in Other Security Subjects 6 years ago

I don't know but the only thing I've seen saying that is this blog. I posted the link last week...

tsteger1 commented on CSA server migration to new hardware in Intrusion Prevention Systems/IDS 6 years ago

Unfortunately it looks as though 6.0 and 6.0.1 were considered the same version so there is no...

tsteger1 commented on Future of CSA? in Other Security Subjects 6 years ago

I agree 100%.

tsteger1 commented on CSA server migration to new hardware in Intrusion Prevention Systems/IDS 6 years ago

I believe migration to a new MC might be simpler.Install 6.0.1 on the new server, import the...

tsteger1 commented on CSA 5.1 and 6.0 MC on Same Server in Other Security Subjects 6 years ago

That's actually a migration secanario so it should work fine. I had no trouble with 5.2 and 6.0 on...

tsteger1 commented on CSA and SuSE Linux in Intrusion Prevention Systems/IDS 7 years ago

My experience has been it is backwards compatible unless there were major changes to the OS.I'd try...

tsteger1 commented on Cisco CSA as a personal firewall in Other Security Subjects 7 years ago

It depends on the version. In 5.2 it's the the rule module "Windows XP Remote Control Module".In 6...

tsteger1 commented on CSA Content.MSO .com Alerts Suddenly Loud in Intrusion Prevention Systems/IDS 7 years ago

I did some more digging and these are actually .gif files.Try renaming one of them from .com to ....

tsteger1 commented on Cisco CSA as a personal firewall in Other Security Subjects 7 years ago

You need to modify the Windows XP Remote Control Module to allow RDP from only those addresses you...

tsteger1 commented on Welcome to the Cisco Networking Professionals Physical Security topic in Physical Security 7 years ago

Nice! This is an important topic that is not as discussed as it should be IMHO.Thanks for...

tsteger1 commented on CSA Content.MSO .com Alerts Suddenly Loud in Intrusion Prevention Systems/IDS 7 years ago

It doesn't do it on all messages for us, just certain ones from outside our organization.It was an...

tsteger1 commented on CSA Content.MSO .com Alerts Suddenly Loud in Intrusion Prevention Systems/IDS 7 years ago

When opening the message, CSA queries the user with something similar to:"Warning - The process C:\...

tsteger1 commented on CSA 4.x SSL Certificate expired in Other Security Subjects 7 years ago

Which version of 4.X?

tsteger1 commented on CSA 6.0 in Other Security Subjects 7 years ago

It's also helpful to put something like that as the topic of your post."CSA 6.0 and RDP" makes it...

tsteger1 commented on CSA browser issue in Other Security Subjects 7 years ago

It's free if your annual maintenance is current.

tsteger1 commented on CSA browser issue in Other Security Subjects 7 years ago

In Internet Options>Security> (whatever zone the MC is in)>Miscellaneous sectionEnable -...

tsteger1 commented on CSA will not install in Other Security Subjects 7 years ago

There may be a log file in Program Files\Cisco Systems even with a failed install.It may contain...

tsteger1 commented on CSA and Windows Defender in Other Security Subjects 7 years ago

Either that or allow the Defender updates in CSA.Do you have any other AV on the hosts?Tom

tsteger1 commented on CSA and okclient.exe error during logons in Other Security Subjects 7 years ago

It looks like you don't have a rule allowing the agent UI to run on that host.[2009-08-11 08:01:00....

tsteger1 commented on CSA does not Query User every time. in Other Security Subjects 7 years ago

You might be able to use a DAC or set rule to add files to an application class when written to...

tsteger1 commented on CSA and okclient.exe error during logons in Other Security Subjects 7 years ago

Need more information to make a guess.Did it ever work?Do you have a policy preventing the Agent UI...

tsteger1 commented on Is CSA (version 6.0.1.106) compatible with 64 bit Windows OS? in Other Security Subjects 7 years ago

No, only 64 but Solaris is supported.

tsteger1 commented on CSA prevents remote application from accessing the registry in Intrusion Prevention Systems/IDS 7 years ago

You can create a user state that will allow remote connections if it is legitimate. It may be...

tsteger1 commented on CSA timed rules in Intrusion Prevention Systems/IDS 7 years ago

You can create rules to add and remove processes for specified time intervals. Look at the Roaming...

tsteger1 commented on CSA - file copy log in Other Security Subjects 7 years ago

What version of CSA?5.2 has a Data Theft Prevention Module already configured.Tom

tsteger1 commented on do CSA block certains applications when learning mode enabled in Intrusion Prevention Systems/IDS 7 years ago

The answer is yes, in Learn Mode it will block certain applications if the rules are set to deny.It...

Bio

I enjoy participating on NetPro because I like answering questions and helping others.
Seeing how others use CSA helps me learn too.
We began using Cisco Security Agent in 2004 as part of a Defense in Depth approach to protecting our network.











tsteger1's Stats

Points1623
Discussion started 16
Answers marked as Correct 50
Endorsed 0
Content Rated 48