Security

Reply
Contributor I

How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

I have implemneted wired 802.1x with cisco switchs and ongaurd agnet installed on all win 7 an win Xp clients the thing is that I want to do auto remediation for user so antivurus can instaled automatically how can I do that?

Guru Elite

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

In your posture policy, enable auto-remediation in the Antivirus configuration.


Thanks,
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

Make sure you check whats auto remediation action are supported based on the product you are using:

https://<ClearPass IP>/agent/supportcharts/Win_AV_ProductConfig.xml

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor I

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

So what exaclty does it do is it installl antivirus without client interaction?

Guru Elite

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

Auto-remediation only works if the client already has antivirus installed.
It can turn it on, update it, etc but make sure you look at Vic's post for
supported software.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

Actually alll we thought about is it will install the antivirus so ,now I need to reddirect useres who dont have antivirus to a FTP server to doenload it and show them a message with that so what is the steps to configure this and thanks in advance

Guru Elite

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

You can do something along the lines of checking for the antivirus status in your enforcement policy and if unhealthy, return a role to the controller that has a captive portal attached with the page to install it.

 

POSTURE-AV-INSTALL.PNG


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor I

Re: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass

so what I got is that I have to cretae enforcement profile with redirction to the FTP server for example?

 

so what is the right syntax for the rulles in the Enforcment profile?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: