Re: Checking for AV software on students' machines

["Gibbs, Aaron M." <AMGibbs () ST-AUG EDU>]

Are the users automatically directed to the specific webpage? If the user decides not to go to the webpage are they 
prevented from accessing the network? If so, what solution do you have in place to insure the restriction takes place?

Aaron M Gibbs
Director 
Networking and Telecommunications
St. Augustine's College
Center for Information Technology
919-516-4237 (Office)
919-516-4382 (Fax)
amgibbs () st-aug edu 
www.st-aug.edu


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU]On Behalf Of Ariel Silverstone
Sent: Wednesday, June 09, 2004 2:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Checking for AV software on students' machines


We are doing it at Temple.  Firstly, we mandate our AV via policy, then when
connects occur, they must go to a webpage that initiates a test.  The test
is a combination of ActiveX and ports open.

Thank you,

Ariel Silverstone, CISSP
Chief Information Security Officer
Temple University


-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rivers, Christopher R
Sent: Wednesday, June 09, 2004 1:26 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Checking for AV software on students' machines

I would be interested any any responses to this as well.

Many thanks,
Chris Rivers - CEH, A+
Technology Support Coordinator
Indiana University Kokomo
Department of Information Technologies
http://www.iuk.edu/IT

"He is no fool who gives what he cannot keep to gain what he cannot
lose." -- Jim Elliot

> -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Giacobbe
> Sent: Wednesday, June 09, 2004 12:13 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Checking for AV software on students' machines
>
> Nathan-
>
> I unfortunately don't have an answer to your questions regarding
> verification of AV software on client machines, but I was wondering if
> you could provide some details on how you accomplished your first goal
> - verifying for patches before a student machine is allowed on the
> network.
>
> We are currently investigating ways to drop student machines into a
> "quarantine" VLAN if they are not up to the latest Windows patches,
> but so far have not found an effective way to do that check. Does your
> solution require some kind of pre-installed client agent?
>
> I didn't see anything in a previous thread, but if you've already
> answered that question my apologies. Any insight, advice, horror
> stories you could provide would be greatly appreciated.
>
> Thanks,
>
> Jeff Giacobbe
> Director of Systems, Security, and Networking Montclair State
> University
>
>
> Nathan Hall wrote:
> > Now that we have found a way to check students' machines for missing
> > patches before they are allowed on the network, we are
> looking to expand
> > to checking for the presence of updated anti-virus software. This
> > requires access to the students' machines, so we are
> looking at using a
> > web page with a .NET component to perform the check. A few
> questions:
> > 1) Is anyone else doing something like this currently?
> > 2) How have you implemented this (web page w/ ActiveX/.Net,
> downloadable
> > program...)?
> > 3) What do you look for to determine if AV software is
> present (registry
> > entries, services, running processes...)?
> > 4) How successful has it been?
> > 5) Pitfalls?
> >
> > Any other input would be appreciated too. Thanks in advance.
> >
> > Nathan Hall
> > System Administrator
> > SUNY Oneonta
> > Oneonta, NY 13820
> > (607) 436-2708
> >
> > **********
> > Participation and subscription information for this
> EDUCAUSE Discussion Group discussion list can be found at
> http://www.educause.edu/cg/.
>
> **********
> Participation and subscription information for this EDUCAUSE
> Discussion Group discussion list can be found at
> http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.