Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 894 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NAC non compliance problem

stondini

Just rolled out NAC version 3.9 a few weeks ago and it's been in Report Only mode so we can get a grasp on what needs to be changed before we enable policies.

Out of 300ish machines only 27 were compliant. When I look at the reasons why, most are getting flagged for virus/spyware even though they're clean according to the console.  The policy is the default Sophos Anti-Virus 10.x Profile (Anti-Virus).  Anyone have any ideas?!?

:34329


This thread was automatically locked due to age.
Parents
  • 0

    HI Stondini,

    welcome to the world of NAC where sometimes even Support does not know what and Why happen :).

    Reports (Report > Troubleshooting > Report Type =Non-Complaince Detail) will not show you the name of the Virus.

    Not that these maschines are affected by "Shh/Updater - False Positive" mishap.

    I would logon to the clients directly and look for the errors.

    As per my knowledge NAC has its own database so anything clean in Console must not be clean in NAC. NAC might take sometime to update the information.

    In order to tweak the Report Timing, you can change the  "Reporting Interval" settings available under Manage > Policy > Policy to be changed (Default | Managed | Unmanaged). Please remember that this may cause increase in network traffic.

    Lastly also check if the scheduled task on SQL Server is running successfully. By default it is configured to run at 2:30 AM. The job is called "Report Warehouse Loader" and can be seen under "Home > Server Task Status(Bottom Left Side) when you log on to the NAC Web Interface.

    Also check directly on the SQL Server (view Taskplanner) if the job is defined and being executed.

    Kind Regards
    FK

    :34487
Reply
  • 0

    HI Stondini,

    welcome to the world of NAC where sometimes even Support does not know what and Why happen :).

    Reports (Report > Troubleshooting > Report Type =Non-Complaince Detail) will not show you the name of the Virus.

    Not that these maschines are affected by "Shh/Updater - False Positive" mishap.

    I would logon to the clients directly and look for the errors.

    As per my knowledge NAC has its own database so anything clean in Console must not be clean in NAC. NAC might take sometime to update the information.

    In order to tweak the Report Timing, you can change the  "Reporting Interval" settings available under Manage > Policy > Policy to be changed (Default | Managed | Unmanaged). Please remember that this may cause increase in network traffic.

    Lastly also check if the scheduled task on SQL Server is running successfully. By default it is configured to run at 2:30 AM. The job is called "Report Warehouse Loader" and can be seen under "Home > Server Task Status(Bottom Left Side) when you log on to the NAC Web Interface.

    Also check directly on the SQL Server (view Taskplanner) if the job is defined and being executed.

    Kind Regards
    FK

    :34487
Children
No Data