Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

This thread has been viewed 1 times

  • 1.  How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    Posted Jun 10, 2015 02:02 PM

    I have implemneted wired 802.1x with cisco switchs and ongaurd agnet installed on all win 7 an win Xp clients the thing is that I want to do auto remediation for user so antivurus can instaled automatically how can I do that?



  • 2.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    EMPLOYEE
    Posted Jun 10, 2015 02:08 PM
    In your posture policy, enable auto-remediation in the Antivirus configuration.


    Thanks,
    Tim


  • 3.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    Posted Jun 10, 2015 02:37 PM

    Make sure you check whats auto remediation action are supported based on the product you are using:

    https://<ClearPass IP>/agent/supportcharts/Win_AV_ProductConfig.xml



  • 4.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    Posted Jun 10, 2015 03:59 PM

    So what exaclty does it do is it installl antivirus without client interaction?



  • 5.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    EMPLOYEE
    Posted Jun 10, 2015 04:01 PM
    Auto-remediation only works if the client already has antivirus installed.
    It can turn it on, update it, etc but make sure you look at Vic's post for
    supported software.


  • 6.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    Posted Jun 10, 2015 04:22 PM

    Actually alll we thought about is it will install the antivirus so ,now I need to reddirect useres who dont have antivirus to a FTP server to doenload it and show them a message with that so what is the steps to configure this and thanks in advance



  • 7.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    EMPLOYEE
    Posted Jun 10, 2015 04:33 PM

    You can do something along the lines of checking for the antivirus status in your enforcement policy and if unhealthy, return a role to the controller that has a captive portal attached with the page to install it.

     

    POSTURE-AV-INSTALL.PNG



  • 8.  RE: How to do Auto Remediation for Antivirus in win 7 and WIN XP on Wired 802.1x service on cleapass?

    Posted Jun 11, 2015 02:07 AM

    so what I got is that I have to cretae enforcement profile with redirction to the FTP server for example?

     

    so what is the right syntax for the rulles in the Enforcment profile?