Security

Hi everyone!!!

After the worldwide problem suffered today with the automatic update of the AV/AS which has stoped the Policy Manager till Aruba has released a fix using the same way, is there any way to stop receiving updates but going on having the choice to download new versions?

I have been asked to be able to download newer versions but deny the updates from the Posture & Profile Data Updates...

Have been checking all the features but none has been found.

Thx in advanced!!! :)

JoseMi

It does not ensure that CPPM will not download and install newer versions of the Posture & Profile Data Updates as it does it by itself every hour when I fill with the ID again.

I have received a notification from Aruba this morning early where we can read this:

"Can we prevent this in the future by blocking any automatic push to our environment?

Ans.        By default, all ClearPass appliances will download Posture & Profile Data Updates automatically.  At this time, there is no configurable option to selectively opt-out of these downloads.  We are investigating what options we may provide to customer so they have this ability to selectively opt-in or opt-out."

So, we have only two ways to isolate the CPPM AV/AS updates from Internet, whether to remove the subscription ID (as you said) or (in my case) the proxy configuration. Using one of these methods will prevent CPPM from install a wrong version but keep in mind that also the Firmware and Patch Updates part will not reach the Internet.