
Symantec Connect - Network Access Control - Discussions
http://www.symantec.com/connect/network-access-control/forums/feed

Symantec NAC Documents
http://www.symantec.com/connect/forums/symantec-nac-documents

Hi Friends,

I need some of the Symantec NAC administrator and implementation guides. I have the SNAC Implementation Guide and Enforcer_Implementation_Guide, but that is not enough.

Categories: Network Access Control Security
Posted: Tue, 16 Mar 2010 09:47:06 +0000 by mky2

Problem with firewall EndPoint
http://www.symantec.com/connect/forums/problem-firewall-endpoint

Hi everybody,

I have a problem installing a program (activation key by internet).
The message told me to deactivate my firewall for just a few minutes. The Windows firewall is already off, so I guess the problem comes from Symantec Endpoint.
So I go to the following page: [image: Symantec1.JPG]

And I try to go to Network Threat Protection to deactivate the firewall or to make an exception for the software I am trying to install, but from this page I could not access the settings ...
[image: Symantec2.JPG]
I am on Windows XP, I am the administrator of my laptop, but I have no idea how to fix this problem.
Do you have any advice?

Sincerely

Hollow

Categories: Network Access Control Security
Posted: Wed, 10 Mar 2010 13:17:04 +0000 by Hollow00

Using SNAC Gateway Enforcer with CheckPoint VPN-1 Client
http://www.symantec.com/connect/forums/using-snac-gateway-enforcer-checkpoint-vpn-1-client

Hi All

Currently we are using SymSentry to check if our virus defs are up to date before allowing a VPN connection via the CheckPoint VPN-1 client. We are also running SAV 10 AV clients.

We are wanting to upgrade to SEP and have discovered that SymSentry is not compatible with the SEP AV client and have been advised that we need to purchase a licence/licences for Symantec Network Access Control (SNAC). I have been trying to find documents on the internet on how to configure SNAC and to be honest I am overwhelmed with the amount of (mainly irrelevant) information.

Please could someone advise on how to install and configure SNAC to use with CheckPoint VPN-1 clients. Ideally we would like to be able to check the following before clients are allowed to get a VPN connection:

- SEP is running
- SEP definitions are up to date (e.g. no more than 4 days old)
- Screensaver is set to come on automatically after no longer than 10 minutes
- Screensaver is password protected.

Is the above possible using SNAC? Do I need to use the gateway enforcer? Are there some installation/configuration instructions that are relevant to this?

Thanks in advance.

Categories: Network Access Control Security
Posted: Mon, 01 Mar 2010 16:27:13 +0000 by Alesupper

Windows DHCP Enforcer doesn't connect to SEPM
http://www.symantec.com/connect/forums/windows-dhcp-enforcer-doesnt-connect-sepm

Hi,

I'm using SNAC with SEPM. I have a DHCP server on our Domain Controller, and we installed DHCP Enforcer on this server. At first I couldn't remember the encryption password, so I backed up our database and certification, then I uninstalled and installed SEPM. During install I gave a new and simple encryption password and I noted it. I restored the database and certification. But after these processes DHCP Enforcer still doesn't connect. I looked at the debug.log file and every time I try to connect it logs these:

Feb/26/2010 13:15:17:468  [  370]: ===================== Integrated Enforcer Starting 11.0.5002.231 =====================
Feb/26/2010 13:15:17:468  [   76]: DebugSetDebugLevel: setting debug level to 3.
Feb/26/2010 13:15:17:468  [ 1292]: initProfile: failed to copy file, err=The system cannot find the file specified. (0x2).
Feb/26/2010 13:15:17:468  [  255]: LogInitialize: Enforcer Log Initialize Complete!
Feb/26/2010 13:15:17:468  [ 1661]: LoadExternalAuthDlls: dll folder found=1, dwStatus=259
Feb/26/2010 13:15:17:468  [ 1722]: LoadExternalAuthDlls: plugin disabled for folder BindView
Feb/26/2010 13:15:17:484  [   75]: RADIUS intialize complete!
Feb/26/2010 13:15:17:484  [  451]: DetectInitialize: Failed to bind to socket 16284.
Feb/26/2010 13:15:17:484  [   96]: RADIUS cleaup!
Feb/26/2010 13:15:17:484  [  810]: Detect init error! flags=00000000
Feb/26/2010 13:15:17:484  [  900]: ServiceStart: Failed to initialize detect engine!
Feb/26/2010 13:15:17:484  [ 1029]: ServiceStart: Clean up environment...
Feb/26/2010 13:15:17:484  [  388]: DebugCleanup: Debug logging cleanup!
Feb/26/2010 13:15:17:484  [  389]: ********************************************************************************

And in snacDebugLog.log it logs these:

Feb/26/2010 11:52:59:531  [  916]: current SPM: 192.168.110.228
Feb/26/2010 12:05:15:546  [  370]: ===================== Integrated Enforcer Starting 11.0.5002.231 =====================
Feb/26/2010 12:05:15:546  [   76]: DebugSetDebugLevel: setting debug level to 5.
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 388 --- name 0x54487230
Feb/26/2010 12:05:15:546  [  373]: Thread ID 388 --- stop event 0x188
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 400 --- name 0x54487231
Feb/26/2010 12:05:15:546  [  373]: Thread ID 400 --- stop event 0x18c
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 408 --- name 0x54487232
Feb/26/2010 12:05:15:546  [  373]: Thread ID 408 --- stop event 0x194
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 416 --- name 0x54487233
Feb/26/2010 12:05:15:546  [  373]: Thread ID 416 --- stop event 0x19c
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 424 --- name 0x54487234
Feb/26/2010 12:05:15:546  [  373]: Thread ID 424 --- stop event 0x1a4
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  371]: ****************** Thread Context ******************
Feb/26/2010 12:05:15:546  [  372]: Thread ID 432 --- name 0x54487235
Feb/26/2010 12:05:15:546  [  373]: Thread ID 432 --- stop event 0x1ac
Feb/26/2010 12:05:15:546  [  374]: ****************************************************
Feb/26/2010 12:05:15:546  [  401]: trying to register SERVER
Feb/26/2010 12:05:15:578  [  897]: SPM return bad request for the registration request!! Share secret could be wrong!
Feb/26/2010 12:05:15:578  [  416]: failed to register SERVER
Feb/26/2010 12:05:15:578  [  231]: Registration failed!
Feb/26/2010 12:05:20:546  [  916]: current SPM: SERVER

I'm sure the encryption password on the Enforcer is the same as I wrote on initial installation. What can I do? I don't want to use Windows NAP because we paid for this software and I can't say to our manager that it is unusable. Thanks for any advice.

Categories: Network Access Control Security
Posted: Fri, 26 Feb 2010 11:47:31 +0000 by AhmetSoyletir

Can anyone suggest about how to write a Host Integrity custom requirement?
http://www.symantec.com/connect/forums/can-anyone-suggest-about-how-write-host-integrity-custom-requirement

Hi,

I would like to use a custom requirement to check whether there is a specified file on a computer or not.
But my problem is how to use a variable to represent the path for the specified file.

Actually, I would like to check whether or not there is a cookie file in
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
But C:\Documents and Settings\Administrator
is normally different on each computer, based on the user logged on to that computer.
Also, the name of the file that I'd like to check, the cookie file actually, is in the format user@domain, ex. administrator@abc.com

So how can I use any variables to represent the path and the user info?
ex. %USERPROFILE%\Administrator\Local Settings\Temporary Internet Files
And about the file name, can I use %USERNAME% to represent the first portion of the file name?
ex. %USERNAME%@abc.com

I've tested using %USERPROFILE% to represent the path of the file.
But the SEP agent cannot find the specified file when using the path above.

Does anyone know about using these variables?
Please suggest.

Thanks

Categories: Network Access Control Configuring Rules Tip/How to Security
Posted: Tue, 16 Feb 2010 09:27:15 +0000 by mochawhip

About New User logins to the system
http://www.symantec.com/connect/forums/about-new-user-logins-system

I have a problem with a new user account.

Whenever I log in to the system with a new account, the system always says that "the domain is not available." If I connect this computer to a port without 802.1x, it works.

In my network, I have two special VLANs. One is Machine-vlan, the other is quarantine-Vlan.

We configure Machine-vlan with an access-list.

Therefore, I remove the access-list from Machine-vlan.

Then the new user could access the network to get the profile.

Could someone help me?

Categories: Network Access Control Security
Posted: Thu, 11 Feb 2010 03:17:44 +0000 by Jacky.Wu

Symantec Network Proxy service C++ runtime error [ccproxy.exe]
http://www.symantec.com/connect/forums/symantec-network-proxy-service-c-runtime-error-ccproxyexe

Hi

Introduction:
First, being not very familiar with the forum, I apologize if the message is not in the proper category. If it is not, please be kind enough to redirect me to the proper category where I might find an answer. This is about Symantec Network Proxy, which crashes above a certain amount of data transferred via some web method.

Problem:
I am currently developing a tool (C# - .NET) which accesses a remote web server (internal network).

In many cases the tool works: it fires an HTTP query along with an XML request, which leads to a response stream.

However, when this stream is above a certain size (usually around a 70Mb file or maybe less), a C++ runtime error happens and the ccproxy.exe service (Symantec Network Proxy) on the user workstation crashes, preventing further access to the target server. Other accesses work fine.

There is no other specific message than "the application has requested the runtime to terminate it in an unusual way" along with the path and ccproxy.exe name.

This is not bound to the application alone. It happens using wget too! (targeting the same server while sending the XML and then getting the response from wget in a DOS command window)

The version of ccproxy is 104.0.8.3

Does anybody know why there is this behavior and how I could avoid this crash?

Many thanks in advance for your replies.
Kind Regards
F.

Categories: Network Access Control Security
Posted: Sun, 07 Feb 2010 11:32:19 +0000 by SymantecNetworkProxyError

Do you have a reference related to SNAC 11.x manager and SPA 5.1 agent?
http://www.symantec.com/connect/forums/do-you-have-reference-related-snac-11x-manager-and-spa-51-agent

Dear all,

I have tested whether SEPM 11.x manages SPA (Symantec Protection Agent) 5.1 with the gateway enforcer 11.x or not.

It seems to be possible to manage the SPA 5.1 with SEPM 11.x for the network access control.

However, I am wondering if there is a side-effect in this environment.
And also, is there any reference site that this environment is applied to?

For instance, any other documents, URLs, etc.

I need your help as quickly as possible.

Thank you!

Categories: Network Access Control Security
Posted: Fri, 29 Jan 2010 08:02:18 +0000 by Fossil

Error 812 VPN Connection
http://www.symantec.com/connect/forums/error-812-vpn-connection

I'm running on Win 7. When trying to connect back to my workplace, I encountered this error:
Error 812 : The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.

A quick check with others running on Vista or XP: they face no problem.
Any idea how to overcome this? The message indicates some setting error at the server.

Categories: Network Access Control User Group Security
Posted: Fri, 29 Jan 2010 03:44:54 +0000 by thlin

SNAC LAN Enforcer v11RU5 Agent connectivity issues
http://www.symantec.com/connect/forums/snac-lan-enforcer-v11ru5-agent-connectivity-issues

All,

I am currently working on a LAN enforcer implementation using SEP/SNAC/Enforcer version 11RU5. We are configuring the enforcer to function as a RADIUS proxy performing HI checks between the 802.1x switches (2 switch varieties; HP Procurve 2626 and Cisco Catalyst 3560-E) and an SBR RADIUS server (version 6 Enterprise Edition on Windows Server 2003).

The clients we are (trying) to authenticate are running Windows XPproSP3, with the following agent components installed and loaded:
SEP-11 RU5
- AntiVirus/AntiSpyware
- SNAC Agent

The following components are NOT installed:
- AntiVirus EMail scanning tools
- Network Threat Protection
- Proactive Threat Protection

We have confirmed that we are able to successfully authenticate an endpoint via RADIUS (without NAC) and provision it correctly. However, when we bring the NAC enforcer in-line (configuring the switches to forward EAPOL to the enforcer as a RADIUS server, and registering the NAC as a NAS/RADIUS client with the SBR) we see the endpoints get dropped into the guest VLAN instead of the production VLAN, despite being able to pass the HI checks. Upon review and confirmation that the switch action tables should result in the client being assigned to the User VLAN rather than guest (Machine=Pass, User=Pass, Policy=Pass, OPEN PORT), I have discovered via the debug logs that it appears as though the SNAC agent on the endpoint is NOT responding to HI challenges from the enforcer; kernel debug (support level) shows two lines of interest:
"[ radproxy.c ] [4626]  No lan enforcer reply header for user (username)"
followed shortly by:
"[ radproxy.c] [0828]  Client [0000004e] <username> Status recieved (HI: UNAVAILABLE, EAP: PASSED, PRO: UNKNOWN, UID is unknown HI will be set to N/A.  Enforcer matches (HI: UNAVAILABLE, EAP: PASSED, PRO: ANY); OPEN_PORT on switch <switch ip>"

NOTE: in this excerpt, I had to set all switch actions to OPEN PORT in order to get it connected. I did this to rule out a misconfiguration on the switch or a RADIUS accounting issue. The "usual" result for matching HI: Unavailable, EAP: Passed, PRO: ANY is to move the endpoint to a remediation VLAN (so we can install the SNAC agent). It does this if the action table specifies, BUT I don't understand how I am getting a return of "HI: UNAVAILABLE" when the SNAC agent is installed, configured to use 802.1x (it's not serving as the supplicant), can pass (or fail) an HI check correctly, and both the SNAC Agent and enforcer are visible and report status to the SEPM...??

I would appreciate any suggestions that can be offered on this.

Debug logs, switch configs and packet capture are available to Symantec personnel upon request.

Categories: Network Access Control Agents Configuring Windows Troubleshooting Security
Posted: Thu, 28 Jan 2010 21:20:37 +0000 by CJK 2