Re: Checking for AV software on students' machines

[Robert Ono <raono () UCDAVIS EDU>]

Jeff,
We are in the process of expanding our vulnerability scan that takes
place as part of our authentication to campus-wide web-based
applications. See http://security.ucdavis.edu/vulnscanrpt.pdf for further
information. Let me know if you have any questions.

Bob

> Nathan-
>
> I unfortunately don't have an answer to your questions regarding
> verification of AV software on client machines, but I was wondering if
> you could provide some details on how you accomplished your first goal -
> verifying for patches before a student machine is allowed on the
network.
> We are currently investigating ways to drop student machines into a
> "quarantine" VLAN if they are not up to the latest Windows patches, but
> so far have not found an effective way to do that check. Does your
> solution require some kind of pre-installed client agent?
>
> I didn't see anything in a previous thread, but if you've already
> answered that question my apologies. Any insight, advice, horror stories
> you could provide would be greatly appreciated.
>
> Thanks,
>
> Jeff Giacobbe
> Director of Systems, Security, and Networking
> Montclair State University
>
>
> Nathan Hall wrote:
> > Now that we have found a way to check students' machines for missing
> > patches before they are allowed on the network, we are looking to
expand
> > to checking for the presence of updated anti-virus software. This
> > requires access to the students' machines, so we are looking at using
a
> > web page with a .NET component to perform the check. A few questions:
> >
> > 1) Is anyone else doing something like this currently?
> > 2) How have you implemented this (web page w/ ActiveX/.Net,
downloadable
> > program...)?
> > 3) What do you look for to determine if AV software is present
(registry
> > entries, services, running processes...)?
> > 4) How successful has it been?
> > 5) Pitfalls?
> >
> > Any other input would be appreciated too. Thanks in advance.
> >
> > Nathan Hall
> > System Administrator
> > SUNY Oneonta
> > Oneonta, NY 13820
> > (607) 436-2708
> >
> > **********
> > Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.
> **********
> Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.
>

Robert Ono, CISSP
IT Security Coordinator
Office of the Vice Provost, Information and Educational
Technology
UC Davis
530.757.5795 Desk

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.