Educause Security Discussion mailing list archives
Re: Checking for AV software on students' machines
From: Michael Mills <mmills () RKON COM>
Date: Thu, 16 Sep 2004 13:42:01 -0500
One way that this can be done (if you have Cisco gear), is to institute a Cisco NAS policy that check for the installation of a AV client, and if so also will check that the current AV pattern is installed BEFORE access to the network is given. If those tests fail, you can then force that user to only have outbound internet access (through firewall policy of course). And if they need to access any of the colleges IT resources (email, Applications) they would have to go back in through the firewall. Michael Mills mmills () rkon com -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gibbs, Aaron M. Sent: Thursday, September 16, 2004 11:58 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines Are you forcing the foreign PC to the webpage once it is connected, if so how? Aaron M Gibbs Director Networking and Telecommunications St. Augustine's College Center for Information Technology 919-516-4237 (Office) 919-516-4382 (Fax) amgibbs () st-aug edu www.st-aug.edu -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU]On Behalf Of Ariel Silverstone Sent: Wednesday, June 09, 2004 2:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines We are doing it at Temple. Firstly, we mandate our AV via policy, then when connects occur, they must go to a webpage that initiates a test. The test is a combination of ActiveX and ports open. Thank you, Ariel Silverstone, CISSP Chief Information Security Officer Temple University -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rivers, Christopher R Sent: Wednesday, June 09, 2004 1:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines I would be interested any any responses to this as well. Many thanks, Chris Rivers - CEH, A+ Technology Support Coordinator Indiana University Kokomo Department of Information Technologies http://www.iuk.edu/IT "He is no fool who gives what he cannot keep to gain what he cannot lose." -- Jim Elliot
-----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Giacobbe Sent: Wednesday, June 09, 2004 12:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines Nathan- I unfortunately don't have an answer to your questions regarding verification of AV software on client machines, but I was wondering if you could provide some details on how you accomplished your first goal - verifying for patches before a student machine is allowed on the network. We are currently investigating ways to drop student machines into a "quarantine" VLAN if they are not up to the latest Windows patches, but so far have not found an effective way to do that check. Does your solution require some kind of pre-installed client agent? I didn't see anything in a previous thread, but if you've already answered that question my apologies. Any insight, advice, horror stories you could provide would be greatly appreciated. Thanks, Jeff Giacobbe Director of Systems, Security, and Networking Montclair State University Nathan Hall wrote:Now that we have found a way to check students' machines for missing patches before they are allowed on the network, we arelooking to expandto checking for the presence of updated anti-virus software. This requires access to the students' machines, so we arelooking at using aweb page with a .NET component to perform the check. A fewquestions:1) Is anyone else doing something like this currently? 2) How have you implemented this (web page w/ ActiveX/.Net,downloadableprogram...)? 3) What do you look for to determine if AV software ispresent (registryentries, services, running processes...)? 4) How successful has it been? 5) Pitfalls? Any other input would be appreciated too. Thanks in advance. Nathan Hall System Administrator SUNY Oneonta Oneonta, NY 13820 (607) 436-2708 ********** Participation and subscription information for thisEDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Sep 16)
- <Possible follow-ups>
- Re: Checking for AV software on students' machines Michael Mills (Sep 16)
- Re: Checking for AV software on students' machines Faigle, Chris (Sep 16)
- Re: Checking for AV software on students' machines Mike Wiseman (Sep 17)
- Re: Checking for AV software on students' machines Paul Crittenden (Sep 17)
- Re: Checking for AV software on students' machines Christopher Misra (Sep 17)
- Re: Checking for AV software on students' machines Nathan Hall (Sep 17)