Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1375
Views
0
Helpful
4
Replies

Clean Access Agent Remediation for ESET Anti Virus

RyanJohnstone
Level 1
Level 1

‎08-12-2011 08:15 AM - edited ‎03-10-2019 06:18 PM

Hello,

Hope someone can help, we have a NAC 4.8 deployment using Clean Access Agent 4.8.0.35 and are trying to use it with ESET.  We are having

difficulties when we try to remediate to collect the latest anti virus definitions, when clicking on the update button we get a message stating

"The Remediation you are attempting is reporting an access denied error.  This is usually due to a privileg issue.  Please contact your system

administrator"

I have seen another post here about this but there was no final fix mentioned, the screenshot from that post is below, this is exactly the error we are getting.

image%2Fjpeg.jpg

The account logged onto the machine has administrative rights and the clean access agent was installed with administartive rights.  If i open the ESET client tool and do an update from their it starts to update, so it can see the ESET server etc and be updated via the client, its just the Clean Access Agent which is having trouble triggering the remediation.

Cant seem to find out much information from Eset on this so any help would be greatly appreciated

Thanks

Ryan

Labels:
0 Helpful
4 Replies 4

marioderosa2008
Level 1
Level 1

‎05-21-2012 06:47 AM

BUMP BUMP!

I have this same problem too when using ISE...

I think it is bad design that Cisco should expect normal users to be admins on corporate machines. The AV client updates its AV definitions fine when the user is not a local admin, completely independant of Cisco NAC, so what is Cisco NAC doing to require admin priviledges?

Mario

0 Helpful

RyanJohnstone
Level 1
Level 1
In response to marioderosa2008

‎05-23-2012 03:34 PM

Mario, this turned out not to be a local admin issue, it was how ESET is configured.  There is an option to supply an ESET username and password, it is not necessary by default to get ESET working and updating but the Cisco NAC was expecting to see these credentials, when we added the credentials to ESET the NAC remediated as expected and updated!

Took a while to get to this resolution so good luck, worth contacting Cisco TAC as they assisted when we had this issue.

0 Helpful

marioderosa2008
Level 1
Level 1
In response to RyanJohnstone

‎06-19-2012 05:51 AM

Hi Ryan,

do you know where you have to configure the USername and password? Is it in the ISE configuration or defined somewhere in the NAC agent profile that you use?

Thanks

mario

0 Helpful

marioderosa2008
Level 1
Level 1
In response to marioderosa2008

‎06-22-2012 02:20 AM

to answer my own question.

We were using Symantec Endpoint Protection 11 and the liveupdate feature was disabled by our Sys Admins which caused this error message for us.

mario

0 Helpful
Customers Also Viewed These Support Documents