Security

Hi,

as we experience (during boot process) slow start of some services that are subject of Health check we tried to use Automatic (Delayed Start) for Onguard backend service. This has helped in some cases but there are still number of very slow computers which starts agent first and that is causing agent to declare that computer Unhealthy.

In about minute or two later when that service finally starts, agent makes another check and sees that everything is ok, so it declares that device Healthy.

My questions..

1) Can you tune agent to delay initial check for certain amount of time? So that it doesn't depend od Windows service delay.

2) Is there a ClearPass recommended setup for slow devices?

thanks

I have the same issue. But when i looked in to the log files its showing some log error related to manged interfaces. So i have selected all the managed interfaces and i re-installed my unguard agent and it worked. Make sure if you are using persistent agent please select the managed interfaces for persistent agent and if you are using dissolvable  agent do the sam

I belive you should also verify the on guard global agent settings.

Below i am attaching the screenshots

We do have selected managed interfaces for persistent agent. What software version are you using in screenshots? I do not have option to run agent as a service but agent is already started as a service (Clearpass Agent Controller).

Exact issue is that when pc boots up, network adapter and agent are running before AntiVirus starts Real time protection.

We have number of situations where pc is switched to Quarantine because RTP is OFF and soon after (10s - 150s) it is switched to Healthy because now RTP is ON.

Similar  is with some other checks, agent simply makes first Health check before services that are subject to a Health check are running.