Educause Security Discussion mailing list archives
Re: Checking for AV software on students' machines
From: "Gibbs, Aaron M." <AMGibbs () ST-AUG EDU>
Date: Wed, 9 Jun 2004 14:22:35 -0400
Are the users automatically directed to the specific webpage? If the user decides not to go to the webpage are they prevented from accessing the network? If so, what solution do you have in place to insure the restriction takes place? Aaron M Gibbs Director Networking and Telecommunications St. Augustine's College Center for Information Technology 919-516-4237 (Office) 919-516-4382 (Fax) amgibbs () st-aug edu www.st-aug.edu -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU]On Behalf Of Ariel Silverstone Sent: Wednesday, June 09, 2004 2:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines We are doing it at Temple. Firstly, we mandate our AV via policy, then when connects occur, they must go to a webpage that initiates a test. The test is a combination of ActiveX and ports open. Thank you, Ariel Silverstone, CISSP Chief Information Security Officer Temple University -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rivers, Christopher R Sent: Wednesday, June 09, 2004 1:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines I would be interested any any responses to this as well. Many thanks, Chris Rivers - CEH, A+ Technology Support Coordinator Indiana University Kokomo Department of Information Technologies http://www.iuk.edu/IT "He is no fool who gives what he cannot keep to gain what he cannot lose." -- Jim Elliot
-----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Giacobbe Sent: Wednesday, June 09, 2004 12:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Checking for AV software on students' machines Nathan- I unfortunately don't have an answer to your questions regarding verification of AV software on client machines, but I was wondering if you could provide some details on how you accomplished your first goal - verifying for patches before a student machine is allowed on the network. We are currently investigating ways to drop student machines into a "quarantine" VLAN if they are not up to the latest Windows patches, but so far have not found an effective way to do that check. Does your solution require some kind of pre-installed client agent? I didn't see anything in a previous thread, but if you've already answered that question my apologies. Any insight, advice, horror stories you could provide would be greatly appreciated. Thanks, Jeff Giacobbe Director of Systems, Security, and Networking Montclair State University Nathan Hall wrote:Now that we have found a way to check students' machines for missing patches before they are allowed on the network, we arelooking to expandto checking for the presence of updated anti-virus software. This requires access to the students' machines, so we arelooking at using aweb page with a .NET component to perform the check. A fewquestions:1) Is anyone else doing something like this currently? 2) How have you implemented this (web page w/ ActiveX/.Net,downloadableprogram...)? 3) What do you look for to determine if AV software ispresent (registryentries, services, running processes...)? 4) How successful has it been? 5) Pitfalls? Any other input would be appreciated too. Thanks in advance. Nathan Hall System Administrator SUNY Oneonta Oneonta, NY 13820 (607) 436-2708 ********** Participation and subscription information for thisEDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: Checking for AV software on students' machines, (continued)
- Re: Checking for AV software on students' machines Mike Wiseman (Jun 09)
- Re: Checking for AV software on students' machines Jeff Giacobbe (Jun 09)
- Re: Checking for AV software on students' machines Rivers, Christopher R (Jun 09)
- Re: Checking for AV software on students' machines Craig Blaha (Jun 09)
- Re: Checking for AV software on students' machines Brian Eckman (Jun 09)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 09)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 09)
- Re: Checking for AV software on students' machines Jeff Bollinger (Jun 09)
- Re: Checking for AV software on students' machines Helms, Sandra (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 09)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 09)
- Re: Checking for AV software on students' machines jack suess (Jun 09)
- Re: Checking for AV software on students' machines Ariel Silverstone (Jun 09)
- Re: Checking for AV software on students' machines Gary Flynn (Jun 09)
- Re: Checking for AV software on students' machines Robert Ono (Jun 09)
- Re: Checking for AV software on students' machines Stephen Bernard (Jun 09)
- Re: Checking for AV software on students' machines Bill Frazier (Jun 10)
- Re: Checking for AV software on students' machines Nathan Hall (Jun 10)
- Re: Checking for AV software on students' machines Dunker, Mary (Jun 10)
- Re: Checking for AV software on students' machines Gibbs, Aaron M. (Jun 10)
- Re: Checking for AV software on students' machines Shawn Kohrman (Jun 10)
(Thread continues...)