12-19-2016 08:03 AM - edited 03-12-2019 05:47 PM
Setting up posture AV definition check in ISE, I noticed the latest revision dates under Policy Elements > Condition > AV Compound Condition to be a couple of weeks old for my Symantec Endpoint Protection. What does Cisco use to get the proper definition update versions? I compared against Bitdefender and it shows all current, meaning latest definition 12/19/2106, but with Symantec it shows 12/3/16.
Why is that?
This creates the problem...
Thanks
12-19-2016 07:51 PM
The ISE AV definitions are updated from the following URL:
https://www.perfigo.com/ise/posture-update.xml
If we dig into it, we can see that AV definitions come from the file:
https://www.perfigo.com/ise/repository/posture/av-chart.tar.gz
Unpacking that file will show you all of the definitions that ISE uses to check for AV vendor definitions. If you are finding a given file is out of date, your best recourse is to open a TAC case on it. We recently saw the same with Trend Micro Version 12 not being recognized at all.
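An added example, not from the poster or from Cisco: one way to see which files in a downloaded `av-chart.tar.gz` are old without extracting anything. The archive's internal layout is not shown in this thread, so the script reads only tar headers, treats member modification time as a rough proxy for freshness, and uses constructed member names and an assumed 7-day threshold.

```python
import io
import tarfile
import time

STALE_AFTER_DAYS = 7  # assumed threshold, not an ISE setting


def build_sample_archive(now):
    """Constructed stand-in for av-chart.tar.gz; member names are made up."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, age_days in (("vendor-a-chart.xml", 0),
                               ("vendor-b-chart.xml", 16),
                               ("../outside.xml", 1)):
            data = b"<placeholder/>"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            info.mtime = int(now - age_days * 86400)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def audit_archive(raw, now, stale_after_days=STALE_AFTER_DAYS):
    """Return (stale, unsafe) member lists by reading headers only."""
    stale, unsafe = [], []
    with tarfile.open(fileobj=io.BytesIO(raw), mode="r:gz") as tar:
        for m in tar:
            parts = m.name.replace("\\", "/").split("/")
            # Flag members that would land outside the target directory.
            if m.name.startswith("/") or ".." in parts or m.issym() or m.islnk():
                unsafe.append(m.name)
                continue
            if not m.isfile():
                continue
            age_days = int((now - m.mtime) // 86400)
            if age_days > stale_after_days:
                stale.append((m.name, age_days))
    return stale, unsafe


if __name__ == "__main__":
    now = time.time()
    stale, unsafe = audit_archive(build_sample_archive(now), now)
    for name, age in stale:
        print(f"STALE  {name}: last modified {age} days ago")
    for name in unsafe:
        print(f"UNSAFE {name}: path or link escapes the extraction directory")
```

To audit the real file, pass its bytes to `audit_archive` in place of the constructed sample; the stale list gives concrete file names and ages to attach to a TAC case.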
12-20-2016 04:53 AM
We have a related bug filed.
CSCvc20000 ISE 2.1 Posture Anti-Malware Definitions date and version missing from the Posture Updates
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc20000/?reffering_site=dumpcr
ISE Posture condition on Anti-Malware definition check is failing due to the latest definition date and version missing from the Posture Updates.
Regards
Gagan
ps: rate if it helps!!!!