Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
819
Views
0
Helpful
1
Replies

ISE AV can't launch an automatic update

engahmedsaied
Level 1
Level 1

‎11-10-2015 10:54 AM - edited ‎03-10-2019 11:13 PM

Hi all,

Please help I face two problems ISE 1.2.0.899 , NAC agent 4.9.0.52 and 4.9.5.7 same problem in both 

1)NAC agent can check on conditions which in posture policy (AV installation and update).

but I have a problem that NAC agent can't launch an automatic update, user must lanuch it manually, I get this message during NAC try to get update

"The remediation you are attempting has failed with an internal error"

AV compound condition Vendor Kaspersky Labs

Kaspersky endpoint security version 10.x

and same for update 10 days allowed.

Result --> AV remedation --> remedation type Automatic 

AV vendor Kaspersky Labs

should these launch 

and posture policy take that remedation action.

2) if the user made this update manually posture can't change state unless user unplug and plug network cable again.

Thank you all.

Labels:
0 Helpful
1 Reply 1

Isra
Level 1
Level 1

‎02-18-2016 03:18 PM

Maybe yo can launch a program to remediate

Policy Elements>Results>Posture>Remediation Actions>Launch Program Remediations

In my case I use Windows Antivirus, so:

ABSOLUTE_PATH C:\Program Files\Microsoft Security Client\MpCmdRun.EXE -signatureupdate

This working fine for me, you can change the ABSOLUTE PATH according to your antivirus vendor

Note:

Troubleshoot Launch Program Remediation
Problem

When an application is launched as a remediation using Launch Program Remediation, the application is successfully launched (observed in the Windows Task Manager), however, the application UI is not visible.
Solution

The Launch program UI application runs with system privileges, and is visible in the Interactive Service Detection (ISD) window. To view the Launch program UI application, ISD should be enabled for the following OS:

    Windows Vista: ISD is in stop state by default. Enable ISD by starting ISD service in services.msc.

    Windows 7: ISD service is enabled by default.

    Windows 8/8.1: Enable ISD by changing "NoInteractiveServices" from 1 to 0 in the registry: \HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Windows.

0 Helpful
Customers Also Viewed These Support Documents